AD Usermanager auth unable to sync

Trying to get AD auth working; no errors in the UI, but running fwconsole userman sync -v gets a whoops in console, and the following output:

# fwconsole userman sync -v
Starting Sync...
Updating All Users
Retrieving all users...

                                         
  [Whoops\Exception\ErrorException]      
  ldap_search(): Search: No such object  
                                         


Exception trace:
 () at /var/www/html/admin/modules/userman/functions.inc/auth/modules/Msad.php:597
 Whoops\Run->handleError() at n/a:n/a
 ldap_search() at /var/www/html/admin/modules/userman/functions.inc/auth/modules/Msad.php:597
 FreePBX\modules\Userman\Auth\Msad->updateAllUsers() at /var/www/html/admin/modules/userman/functions.inc/auth/modules/Msad.php:227
 FreePBX\modules\Userman\Auth\Msad->sync() at /var/www/html/admin/modules/userman/Console/Userman.class.php:31
 FreePBX\Console\Command\Userman->execute() at /var/www/html/admin/libraries/Composer/vendor/symfony/console/Symfony/Component/Console/Command/Command.php:257
 Symfony\Component\Console\Command\Command->run() at /var/www/html/admin/libraries/Composer/vendor/symfony/console/Symfony/Component/Console/Application.php:874
 Symfony\Component\Console\Application->doRunCommand() at /var/www/html/admin/libraries/Composer/vendor/symfony/console/Symfony/Component/Console/Application.php:195
 Symfony\Component\Console\Application->doRun() at /var/www/html/admin/libraries/Composer/vendor/symfony/console/Symfony/Component/Console/Application.php:126
 Symfony\Component\Console\Application->run() at /var/lib/asterisk/bin/fwconsole:139


userman [args1] ... [argsN]

Here are the settings we’ve got configured within userman, sensitive stuff blanked out:

Thanks!

Your base DN string is invalid. I don’t know what it’s supposed to be, but that’s what “No such object” means.

Should I submit a bug for the lack of error message on this? Or is that intentional?

That’s all PHP gives me.

Seems odd that an error while performing the same action in the console would not be reflected in the UI somehow.

Sure. The difference is that when you do it in the GUI the process is forked off into the background, because getting that error, or any error, could take up to 10 minutes depending on the speed of your LDAP connection. Then I’d have tickets about “why is this taking so long”. There’s really no good way to solve this.

Off the top of my head, a dashboard warning would work, or a ‘test connection’ button that attempts to sync, so the expectation from the user would be “it’s testing so this might take longer than usual, especially since things are likely broken”.

You can open a feature request and this can be included in FreePBX 14 but not 13.
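
Added example, not part of the thread and not FreePBX code: a standalone PHP preflight that checks whether a base DN exists with a single base-scope read and a short timeout, which is the failure behind "No such object" and the kind of quick "test connection" discussed above. The function name, environment variable names and placeholder host/DN values are assumptions.

```php
<?php
// Added example: preflight check of an AD/LDAP base DN before a full sync.
// Hypothetical helper; all connection values are placeholders.

const RC_NO_SUCH_OBJECT = 32; // LDAP result code behind "No such object"

function check_base_dn(string $uri, string $bindDn, string $password,
                       string $baseDn, int $timeout = 5): array
{
    $link = ldap_connect($uri);
    if ($link === false) {
        return ['ok' => false, 'reason' => "invalid LDAP URI: $uri"];
    }
    ldap_set_option($link, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($link, LDAP_OPT_REFERRALS, 0);
    // Fail fast instead of waiting minutes on an unreachable server.
    ldap_set_option($link, LDAP_OPT_NETWORK_TIMEOUT, $timeout);

    if (!@ldap_bind($link, $bindDn, $password)) {
        return ['ok' => false, 'reason' => 'bind failed: ' . ldap_error($link)];
    }

    // Base-scope read: asks only whether the base DN entry itself exists.
    $res = @ldap_read($link, $baseDn, '(objectClass=*)', ['objectClass'],
                      0, 1, $timeout);
    if ($res === false) {
        $reason = ldap_errno($link) === RC_NO_SUCH_OBJECT
            ? "base DN not found in directory: $baseDn"
            : 'read failed: ' . ldap_error($link);
        ldap_unbind($link);
        return ['ok' => false, 'reason' => $reason];
    }
    $found = ldap_count_entries($link, $res) === 1;
    ldap_unbind($link);
    return $found
        ? ['ok' => true,  'reason' => "base DN exists: $baseDn"]
        : ['ok' => false, 'reason' => "no entry returned for: $baseDn"];
}

// Values come from the environment so the bind password is not stored in the
// script; the defaults are constructed placeholders. ldaps:// keeps the bind
// credentials off the wire in clear text.
$r = check_base_dn(
    getenv('LDAP_URI')     ?: 'ldaps://dc01.example.test',
    getenv('LDAP_BIND_DN') ?: 'CN=svc-sync,OU=Service,DC=example,DC=test',
    getenv('LDAP_BIND_PW') ?: '',
    getenv('LDAP_BASE_DN') ?: 'DC=example,DC=test'
);
fwrite(STDERR, ($r['ok'] ? 'OK: ' : 'FAIL: ') . $r['reason'] . PHP_EOL);
exit($r['ok'] ? 0 : 1);
```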