[stork-users] Stork Server LDAP hook loading but Bad Request 400
Peters Vincent
Vincent.Peters at chur.ch
Tue Dec 16 16:41:26 UTC 2025
Hello everyone,
We are having a Problem with the LDAP in Stork. We configured it like on the Manual but we get all the time a bad request 400 Here are our configs:
In the Active Directory we made the group stork-admin and the LDAP User ServiceAccountStork.
We changed the name of our DC in the configs to net (net.net)
Right now for the testing we switched to ldap instead of ldaps.
Versions:
root at vsxxstorkxxx01:/etc/stork/certs# dpkg -s isc-stork-server-hook-ldap
Package: isc-stork-server-hook-ldap
Status: install ok installed
Priority: required
Section: admin
Installed-Size: 13236
Maintainer: Stork team stork-users at lists.isc.org<mailto:stork-users at lists.isc.org>
Architecture: amd64
Version: 2.2.1.250828143612
Description: ISC Stork server ldap hook
License: MPL 2.0
Homepage: https://stork.isc.org
root at vsxxstorkxxx01:/etc/stork/certs#
root at vsxxstorkxxx01:/etc/stork/certs# dpkg -s isc-stork-server
Package: isc-stork-server
Status: install ok installed
Priority: required
Section: admin
Installed-Size: 87337
Maintainer: Stork team stork-users at lists.isc.org<mailto:stork-users at lists.isc.org>
Architecture: amd64
Version: 2.2.1.250828143658
Suggests: isc-stork-server-hook-ldap
Conffiles:
/etc/stork/server.env a5ebd9bf47e17e48eda281101863cf43
/etc/stork/versions.json c4c67bdaa8eccb1ec841fd0c159e08f3
Description: ISC Stork Server
Provides centralized, front end to apps (Kea and BIND9) monitored by Stork agents. You typically need a single server in a network.
License: MPL 2.0
Homepage: https://stork.isc.org
Config in /etc/stork/server.env:
STORK_DATABASE_HOST=127.0.0.1
STORK_DATABASE_PORT=5432
STORK_DATABASE_NAME=stork
STORK_DATABASE_USERNAME=stork-server
STORK_DATABASE_PASSWORD=passwd
STORK_HTTP_LISTEN_ADDRESS=0.0.0.0:8080
STORK_REST_VERSIONS_URL=https://www.isc.org/versions.json
STORK_SERVER_ENABLE_TLS=true
STORK_SERVER_TLS_LISTEN_ADDRESS=0.0.0.0
STORK_SERVER_TLS_PORT=8443
STORK_AUTH_METHOD=ldap
STORK_SERVER_HOOK_LDAP_DEBUG=true
STORK_SERVER_HOOK_LDAP_URL=ldap://dc.net.net:389
STORK_SERVER_HOOK_LDAP_OBJECT_CLASS_USER_ID=sAMAccountName
STORK_SERVER_HOOK_LDAP_OBJECT_CLASS_GROUP=group
STORK_SERVER_HOOK_LDAP_BIND_USERDN=CN=ServiceAccountStork,OU=stork,OU=application,OU=accounts,DC=net,DC=net
STORK_SERVER_HOOK_LDAP_BIND_PASSWORD='passwd'
STORK_SERVER_HOOK_LDAP_ROOT=DC=net,DC=net
STORK_SERVER_HOOK_LDAP_GROUP_ALLOW=stork-admin
STORK_SERVER_HOOK_LDAP_MAP_GROUPS=true
STORK_SERVER_HOOK_LDAP_GROUP_ADMIN=stork-admin
STORK_SERVER_HOOK_LDAP_GROUP_SUPER_ADMIN=stork-admin
Systemctl Config:
### Editing /etc/systemd/system/isc-stork-server.service.d/override.conf
### Anything between here and the comment below will become the contents of the drop-in file
[Service]
EnvironmentFile=/etc/stork/server.env
### Edits below this comment will be discarded
### /usr/lib/systemd/system/isc-stork-server.service
# [Unit]
# Description=ISC Stork Server
# Documentation=man:stork-server(8)
# Wants=network-online.target
# After=network-online.target
# After=time-sync.target
#
# [Service]
# User=stork-server
# ConfigurationDirectory=stork
# ExecStart=/usr/bin/stork-server
# ExecReload=/bin/kill -HUP $MAINPID
# EnvironmentFile=/etc/stork/server.env
# Restart=on-failure
#
# [Install]
# WantedBy=multi-user.target
Log from isc-stork-server:
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Object Name: (Universal, Primitive, Octet String) Len=66 "CN=stork-admin,OU=stork,OU=application,OU=groups,DC=net,DC=net"
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Attributes: (Universal, Constructed, Sequence and Sequence of) Len=21 "<nil>"
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Attribute: (Universal, Constructed, Sequence and Sequence of) Len=19 "<nil>"
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Attribute Name: (Universal, Primitive, Octet String) Len=2 "cn"
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Attribute Values: (Universal, Constructed, Set and Set OF) Len=13 "<nil>"
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Attribute Value: (Universal, Primitive, Octet String) Len=11 "stork-admin"
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 6: waiting for response
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 6: got response 0xc00016c000
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: LDAP Response: (Universal, Constructed, Sequence and Sequence of) Len=76 "<nil>"
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Message ID: (Universal, Primitive, Integer) Len=1 "6"
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Search Result Reference: (Application, Constructed, 0x13) Len=71 "<nil>"
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: (Universal, Primitive, Octet String) Len=69 "ldap://ForestDnsZones.net.net/DC=ForestDnsZones,DC=net,DC=net"
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 6: waiting for response
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 Receiving message 6
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 6: got response 0xc00016c1c0
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: LDAP Response: (Universal, Constructed, Sequence and Sequence of) Len=76 "<nil>"
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Message ID: (Universal, Primitive, Integer) Len=1 "6"
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Search Result Reference: (Application, Constructed, 0x13) Len=71 "<nil>"
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: (Universal, Primitive, Octet String) Len=69 "ldap://DomainDnsZones.net.net/DC=DomainDnsZones,DC=net,DC=net"
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 Receiving message 6
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 6: waiting for response
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 6: got response 0xc00016c3f0
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: LDAP Response: (Universal, Constructed, Sequence and Sequence of) Len=60 "<nil>"
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Message ID: (Universal, Primitive, Integer) Len=1 "6"
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Search Result Reference: (Application, Constructed, 0x13) Len=55 "<nil>"
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: (Universal, Primitive, Octet String) Len=53 "ldap://net.net/CN=Configuration,DC=net,DC=net"
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 Receiving message 6
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 6: waiting for response
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 6: got response 0xc00016c5b0
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: LDAP Response: (Universal, Constructed, Sequence and Sequence of) Len=12 "<nil>"
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Message ID: (Universal, Primitive, Integer) Len=1 "6"
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Search Result Done: (Application, Constructed, 0x05) Len=7 "<nil>"
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Result Code (Success): (Universal, Primitive, Enumerated) Len=1 "0"
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Matched DN (): (Universal, Primitive, Octet String) Len=0 ""
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Success: (Universal, Primitive, Octet String) Len=0 ""
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 Sending quit message and waiting for confirmation
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 Finished message 6
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 Shutting down - quit message received
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 Closing network connection
Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: time="2025-12-16 17:18:47" level="info" msg="HTTP request served" file=" middleware.go:106 " method="POST" path="/api/sessions" remote="172.18.6.127:62076" size="0" status="400" text_status="Bad Request" took="17.738978ms"
root at vsxxstorkxxx01:/etc/stork/certs#
Thanks for your help!
Greetings
_________________________________________
Vincent Peters
Stadt Chur
<https://www.chur.ch/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/stork-users/attachments/20251216/79f1858d/attachment-0001.htm>
More information about the Stork-users
mailing list