I see that it logs a lot if you increase your suitecrm.log log level to info, that might provide more clues. This can be changed from the UI: Admin / System settings, or from a text entry in public/legacy/config_override.php:
$sugar_config['logger']['level'] = 'info';
The messages will appear in public/legacy/suitecrm.log
I can’t change anything via UI since I’m locked out since I ran the update.
I just have to finish a task here and I’ll add that to config override and increase the logging level in order to see if I get other feedback,
But I am starting to doubt that as I don’t believe the log will show how the request was being properly formed before, and is wrong now.
Which leaves us with the part where apparently the SuiteCRM developers did breaking changes that screwed up this, but are absolutely clueless about what changes were done, and how it came to affect LDAP. Clueless is a keyword.
Whenever I attempt to login, this is the output I get on suitecrm.log
Fri Jan 26 16:01:53 2024 [1070][-none-][INFO] Found language file: en_us.lang.php
Fri Jan 26 16:01:53 2024 [1070][-none-][INFO] Found custom language file: en_us.lang.php
Fri Jan 26 16:01:53 2024 [1070][-none-][INFO] Query:SELECT id, name, symbol, conversion_rate FROM currencies WHERE status = 'Active' and deleted = 0
Fri Jan 26 16:01:53 2024 [1070][-none-][INFO] Query Execution Time:0.0011050701141357
Fri Jan 26 16:01:53 2024 [1070][-none-][INFO] Query:SELECT category, name, value FROM config
Fri Jan 26 16:01:53 2024 [1070][-none-][INFO] Query Execution Time:0.0012409687042236
Fri Jan 26 16:01:53 2024 [1070][-none-][INFO] Query:SELECT id FROM outbound_email WHERE type = 'system' AND deleted = 0
Fri Jan 26 16:01:53 2024 [1070][-none-][INFO] Query Execution Time:0.00098991394042969
Fri Jan 26 16:01:53 2024 [1070][-none-][INFO] Query:SELECT * FROM outbound_email WHERE id = '67d4e908-187c-5bfe-0080-64440daa0029'
Fri Jan 26 16:01:53 2024 [1070][-none-][INFO] Query Execution Time:0.0011289119720459
EDIT: by the way that ID belongs to the system user (user_id = 1), just checked on the database at table outbound_email.
I want to see the messages that have ldapauth, at least that will give me an idea of where we are in the code
The email messages are mysterious but for now I would say they’re harmless, probably just some part of the init process of the app, loading the current user and some other related info.
with debug enabled you get this (I had actually tried it already but the output was so irrelevant I didn’t care to put it here)
==> public/legacy/suitecrm.log <==
Fri Jan 26 16:26:51 2024 [2598][-none-][DEBUG] current_language is: en_us
Fri Jan 26 16:26:51 2024 [2598][-none-][DEBUG] Found cache backend SugarCacheAPC
Fri Jan 26 16:26:51 2024 [2598][-none-][DEBUG] Found cache backend SugarCacheFile
Fri Jan 26 16:26:51 2024 [2598][-none-][DEBUG] Found cache backend SugarCacheMemcache
Fri Jan 26 16:26:51 2024 [2598][-none-][DEBUG] Found cache backend SugarCacheMemcached
Fri Jan 26 16:26:51 2024 [2598][-none-][DEBUG] Found cache backend SugarCacheMemory
Fri Jan 26 16:26:51 2024 [2598][-none-][DEBUG] Using cache backend SugarCacheMemory, since 999 is less than 1000
Fri Jan 26 16:26:51 2024 [2598][-none-][DEBUG] Found cache backend SugarCacheRedis
Fri Jan 26 16:26:51 2024 [2598][-none-][DEBUG] Found cache backend SugarCacheWincache
Fri Jan 26 16:26:51 2024 [2598][-none-][DEBUG] Found cache backend SugarCacheZend
Fri Jan 26 16:26:51 2024 [2598][-none-][DEBUG] Found cache backend SugarCachesMash
Fri Jan 26 16:26:51 2024 [2598][-none-][INFO] Found language file: en_us.lang.php
Fri Jan 26 16:26:51 2024 [2598][-none-][INFO] Found custom language file: en_us.lang.php
Fri Jan 26 16:26:51 2024 [2598][-none-][INFO] Query:SELECT id, name, symbol, conversion_rate FROM currencies WHERE status = 'Active' and deleted = 0
Fri Jan 26 16:26:51 2024 [2598][-none-][INFO] Query Execution Time:0.0010459423065186
Fri Jan 26 16:26:51 2024 [2598][-none-][INFO] Query:SELECT category, name, value FROM config
Fri Jan 26 16:26:51 2024 [2598][-none-][INFO] Query Execution Time:0.0010290145874023
Fri Jan 26 16:26:51 2024 [2598][-none-][INFO] Query:SELECT id FROM outbound_email WHERE type = 'system' AND deleted = 0
Fri Jan 26 16:26:51 2024 [2598][-none-][INFO] Query Execution Time:0.00092887878417969
Fri Jan 26 16:26:51 2024 [2598][-none-][INFO] Query:SELECT * FROM outbound_email WHERE id = '67d4e908-187c-5bfe-0080-64440daa0029'
Fri Jan 26 16:26:51 2024 [2598][-none-][INFO] Query Execution Time:0.0010130405426025
Fri Jan 26 16:26:51 2024 [2598][-none-][DEBUG] Hook called: ::after_entry_point
Fri Jan 26 16:26:51 2024 [2598][-none-][DEBUG] Including module specific hook file for custom/modules
Fri Jan 26 16:26:51 2024 [2598][-none-][DEBUG] Including Ext hook file for custom/application
Fri Jan 26 16:26:51 2024 [2598][-none-][DEBUG] Hook called: ::server_round_trip
Fri Jan 26 16:26:51 2024 [2598][-none-][DEBUG] Calling MySQLi::disconnect()
There’s no ldapauth, but if you have other level that want me to give a try, let’s have it.
I really expected to see more, I can’t explain how SuiteCRM is attempting any LDAP authentication without passing through that code I linked above, which has several lines logging stuff…
I bet you would, cause you don’t know better. So you think IPA is an LDAP server, but it’s not.
Also it’s borderline insulting blaming the external system for the f*** ups of so called devs here.
But worry not, mine is just one system, I’ll wait patiently for you to suggest Microsoft AD users to also use something else. ffs
It’s anybody’s guess where the bug is. To find it, I’d try it out with a different LDAP server than the one that’s a part of the FreeIPA server, as a test, to see how it works differently, if it does. This gives the community valuable troubleshooting information.
It’s anybody’s guess where the bug is
Version 8.4.1 had the EXACT SAME CONFIGURATION, WORKING
People reporting problems here use different implementations, I am using Red Hat IDM (not freeipa, that’s the open-source version for you to learn something), there’s people using Microsoft Active Directory.
Want to guess where the problem is, so different implementations that were previously working and now are not after an update of SuiteCRM? Would you like a drawing to help you guess where the problem is?
Click on “Files Changed”.
Perhaps someone with very high familiarity with the 8.x code could review and determine if a code change could cause LDAP authentication failure in 8.5.0?
OK thanks for that @maverickws
Here’s the updated code from 8.4.1 to 8.4.2 it’s only 11 commits, 84 files, 7 contributors!
Pro Tip: The way to find which commit caused this issue (if indeed it’s an issue in the 8.4.2 code), is called git bisect. It’s a real git command used to pinpoint the cause of issues.
How to Use Git Bisect! https://www.youtube.com/watch?v=D7JJnLFOn4A