Univention Bugzilla – Bug 47047
SAML certificate verification failed!
Last modified: 2021-05-14 16:34:00 CEST
We could try to provide an automated solution for this. It may be as easy as univention-run-join-scripts --force --run-scripts 92univention-management-console-web-server +++ This bug was initially created as a clone of Bug #45515 +++ Version: 4.2-2 errata189 (Lesum) Remark: Open UCC setup after upgrade to 4.2.2-189 on UCS member server Execution of command 'uccsetup/info/networks' has failed: Traceback (most recent call last): File "%PY2.7%/univention/management/console/base.py", line 249, in execute function.__func__(self, request, *args, **kwargs) File "%PY2.7%/univention/management/console/modules/decorators.py", line 318, in _response result = _multi_response(self, request) File "%PY2.7%/univention/management/console/modules/decorators.py", line 192, in _response return function(self, request) File "%PY2.7%/univention/management/console/modules/decorators.py", line 440, in _response return list(function(self, iterator, *nones)) File "%PY2.7%/univention/management/console/modules/decorators.py", line 286, in _fake_func yield function(self, *args) File "%PY2.7%/univention/management/console/modules/uccsetup/__init__.py", line 58, in info_networks ldap_connection = util.get_ldap_connection() File "%PY2.7%/univention/management/console/modules/uccsetup/util.py", line 119, in get_ldap_connection _bind_callback(lo) File "%PY2.7%/univention/management/console/base.py", line 350, in bind_user_connection lo.lo.bind_saml(self._password) File "%PY2.7%/univention/uldap.py", line 175, in bind_saml self.lo.sasl_interactive_bind_s('', saml) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 892, in sasl_interactive_bind_s res = self._apply_method_s(SimpleLDAPObject.sasl_interactive_bind_s,*args,**kwargs) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 860, in _apply_method_s return func(self,*args,**kwargs) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 236, in sasl_interactive_bind_s return self._ldap_call(self._l.sasl_interactive_bind_s,who,auth,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls),sasl_flags) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 106, in _ldap_call result = func(*args,**kwargs) INVALID_CREDENTIALS: {'info': 'SASL(-13): authentication failure: SAML assertion signature verification failure (error -111)', 'desc': 'Invalid credentials'}
(In reply to Dirk Wiesenthal from comment #0) > We could try to provide an automated solution for this. It may be as easy as > univention-run-join-scripts --force --run-scripts > 92univention-management-console-web-server > > +++ This bug was initially created as a clone of Bug #45515 +++ Because of Bug 48198 the workaround does not help completely for UCS versions below 4.4.
This issue has been filed against UCS 4.3. UCS 4.3 is out of maintenance and many UCS components have changed in later releases. Thus, this issue is now being closed. If this issue still occurs in newer UCS versions, please use "Clone this bug" or reopen it and update the UCS version. In this case please provide detailed information on how this issue is affecting you.