LDAP users with group inherited role are unable to login to Cloud Director 10.2 after upgrading from a previous release
Article ID: 322123
Updated On:
Products
VMware Cloud Director
Issue/Introduction
Symptoms:
- LDAP users cannot log into Cloud Director after upgrading to 10.2 or 10.2.1 from a previous release.
- LDAP user inherits their role from an LDAP group added to Cloud Director.
- Affected Organizations are using the System LDAP Mode instead of the Custom LDAP Service option.
- Logins fail with an Authentication Error message.
- The /opt/vmware/vcloud-director/logs/vcloud-container-debug.log on the Cells have errors of the form:
| ERROR | pool-jetty-59 | DefaultExceptionMapper | Internal server exception | requestId=<TASK_UUID>,request=POST https://vcloud.example.com/cloudapi/1.0.0/sessions,requestTime=1615461560581,remoteAddress=<IP>:60532,userAgent=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 ...,accept=application/json;version 35.0
java.lang.NullPointerException
at (UserDaoImpl.java:676)
at com.vmware.ssdc.backendbase.dao.impl.UserDaoImpl.toUserSpec(UserDaoImpl.java:614)
at com.vmwacom.vmware.ssdc.backendbase.dao.impl.UserDaoImpl.populateUserSpecre.ssdc.backendbase.dao.impl.UserDaoImpl.findUserByUserId(UserDaoImpl.java:109)
java.lang.NullPointerException
at (UserDaoImpl.java:676)
at com.vmware.ssdc.backendbase.dao.impl.UserDaoImpl.toUserSpec(UserDaoImpl.java:614)
at com.vmwacom.vmware.ssdc.backendbase.dao.impl.UserDaoImpl.populateUserSpecre.ssdc.backendbase.dao.impl.UserDaoImpl.findUserByUserId(UserDaoImpl.java:109)
Environment
VMware Cloud Director 10.x
Cause
This is a known issue affecting Cloud Director 10.2 and 10.2.1.
Resolution
This issue is resolved in Cloud Director 10.2.2 and later as per the release notes here, VMware Cloud Director 10.2.2 Release Notes.
Cloud Director 10.2.2 is available for download at the following link, Download VMware Cloud Director.
Feedback
Yes
No
Powered by
