[stork-users] Stork Server LDAP hook loading but Bad Request 400
Darren Ankney
darren.ankney at gmail.com
Tue Dec 16 18:14:24 UTC 2025
Hi Vincent,
You may be interested in these two knowledge base articles:
* https://kb.isc.org/docs/ldap-intro
* https://kb.isc.org/docs/stork-ldap
as they may shed some light on the configuration process.
Thank you,
Darren Ankney
On Tue, Dec 16, 2025 at 11:41 AM Peters Vincent <Vincent.Peters at chur.ch> wrote:
>
> Hello everyone,
>
>
> We are having a Problem with the LDAP in Stork. We configured it like on the Manual but we get all the time a bad request 400 Here are our configs:
>
> In the Active Directory we made the group stork-admin and the LDAP User ServiceAccountStork.
> We changed the name of our DC in the configs to net (net.net)
>
> Right now for the testing we switched to ldap instead of ldaps.
>
> Versions:
>
>
>
> root at vsxxstorkxxx01:/etc/stork/certs# dpkg -s isc-stork-server-hook-ldap
>
> Package: isc-stork-server-hook-ldap
>
> Status: install ok installed
>
> Priority: required
>
> Section: admin
>
> Installed-Size: 13236
>
> Maintainer: Stork team stork-users at lists.isc.org
>
> Architecture: amd64
>
> Version: 2.2.1.250828143612
>
> Description: ISC Stork server ldap hook
>
> License: MPL 2.0
>
> Homepage: https://stork.isc.org
>
> root at vsxxstorkxxx01:/etc/stork/certs#
>
>
>
> root at vsxxstorkxxx01:/etc/stork/certs# dpkg -s isc-stork-server
>
> Package: isc-stork-server
>
> Status: install ok installed
>
> Priority: required
>
> Section: admin
>
> Installed-Size: 87337
>
> Maintainer: Stork team stork-users at lists.isc.org
>
> Architecture: amd64
>
> Version: 2.2.1.250828143658
>
> Suggests: isc-stork-server-hook-ldap
>
> Conffiles:
>
> /etc/stork/server.env a5ebd9bf47e17e48eda281101863cf43
>
> /etc/stork/versions.json c4c67bdaa8eccb1ec841fd0c159e08f3
>
> Description: ISC Stork Server
>
> Provides centralized, front end to apps (Kea and BIND9) monitored by Stork agents. You typically need a single server in a network.
>
> License: MPL 2.0
>
> Homepage: https://stork.isc.org
>
>
>
>
>
> Config in /etc/stork/server.env:
>
>
>
> STORK_DATABASE_HOST=127.0.0.1
>
> STORK_DATABASE_PORT=5432
>
> STORK_DATABASE_NAME=stork
>
> STORK_DATABASE_USERNAME=stork-server
>
> STORK_DATABASE_PASSWORD=passwd
>
> STORK_HTTP_LISTEN_ADDRESS=0.0.0.0:8080
>
> STORK_REST_VERSIONS_URL=https://www.isc.org/versions.json
>
> STORK_SERVER_ENABLE_TLS=true
>
> STORK_SERVER_TLS_LISTEN_ADDRESS=0.0.0.0
>
> STORK_SERVER_TLS_PORT=8443
>
>
>
> STORK_AUTH_METHOD=ldap
>
> STORK_SERVER_HOOK_LDAP_DEBUG=true
>
> STORK_SERVER_HOOK_LDAP_URL=ldap://dc.net.net:389
>
> STORK_SERVER_HOOK_LDAP_OBJECT_CLASS_USER_ID=sAMAccountName
>
> STORK_SERVER_HOOK_LDAP_OBJECT_CLASS_GROUP=group
>
> STORK_SERVER_HOOK_LDAP_BIND_USERDN=CN=ServiceAccountStork,OU=stork,OU=application,OU=accounts,DC=net,DC=net
>
> STORK_SERVER_HOOK_LDAP_BIND_PASSWORD='passwd'
>
> STORK_SERVER_HOOK_LDAP_ROOT=DC=net,DC=net
>
> STORK_SERVER_HOOK_LDAP_GROUP_ALLOW=stork-admin
>
> STORK_SERVER_HOOK_LDAP_MAP_GROUPS=true
>
> STORK_SERVER_HOOK_LDAP_GROUP_ADMIN=stork-admin
>
> STORK_SERVER_HOOK_LDAP_GROUP_SUPER_ADMIN=stork-admin
>
>
>
> Systemctl Config:
>
>
>
>
>
> ### Editing /etc/systemd/system/isc-stork-server.service.d/override.conf
>
> ### Anything between here and the comment below will become the contents of the drop-in file
>
>
>
> [Service]
>
> EnvironmentFile=/etc/stork/server.env
>
>
>
> ### Edits below this comment will be discarded
>
>
>
>
>
> ### /usr/lib/systemd/system/isc-stork-server.service
>
> # [Unit]
>
> # Description=ISC Stork Server
>
> # Documentation=man:stork-server(8)
>
> # Wants=network-online.target
>
> # After=network-online.target
>
> # After=time-sync.target
>
> #
>
> # [Service]
>
> # User=stork-server
>
> # ConfigurationDirectory=stork
>
> # ExecStart=/usr/bin/stork-server
>
> # ExecReload=/bin/kill -HUP $MAINPID
>
> # EnvironmentFile=/etc/stork/server.env
>
> # Restart=on-failure
>
> #
>
> # [Install]
>
> # WantedBy=multi-user.target
>
>
>
> Log from isc-stork-server:
>
>
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Object Name: (Universal, Primitive, Octet String) Len=66 "CN=stork-admin,OU=stork,OU=application,OU=groups,DC=net,DC=net"
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Attributes: (Universal, Constructed, Sequence and Sequence of) Len=21 "<nil>"
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Attribute: (Universal, Constructed, Sequence and Sequence of) Len=19 "<nil>"
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Attribute Name: (Universal, Primitive, Octet String) Len=2 "cn"
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Attribute Values: (Universal, Constructed, Set and Set OF) Len=13 "<nil>"
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Attribute Value: (Universal, Primitive, Octet String) Len=11 "stork-admin"
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 6: waiting for response
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 6: got response 0xc00016c000
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: LDAP Response: (Universal, Constructed, Sequence and Sequence of) Len=76 "<nil>"
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Message ID: (Universal, Primitive, Integer) Len=1 "6"
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Search Result Reference: (Application, Constructed, 0x13) Len=71 "<nil>"
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: (Universal, Primitive, Octet String) Len=69 "ldap://ForestDnsZones.net.net/DC=ForestDnsZones,DC=net,DC=net"
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 6: waiting for response
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 Receiving message 6
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 6: got response 0xc00016c1c0
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: LDAP Response: (Universal, Constructed, Sequence and Sequence of) Len=76 "<nil>"
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Message ID: (Universal, Primitive, Integer) Len=1 "6"
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Search Result Reference: (Application, Constructed, 0x13) Len=71 "<nil>"
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: (Universal, Primitive, Octet String) Len=69 "ldap://DomainDnsZones.net.net/DC=DomainDnsZones,DC=net,DC=net"
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 Receiving message 6
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 6: waiting for response
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 6: got response 0xc00016c3f0
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: LDAP Response: (Universal, Constructed, Sequence and Sequence of) Len=60 "<nil>"
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Message ID: (Universal, Primitive, Integer) Len=1 "6"
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Search Result Reference: (Application, Constructed, 0x13) Len=55 "<nil>"
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: (Universal, Primitive, Octet String) Len=53 "ldap://net.net/CN=Configuration,DC=net,DC=net"
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 Receiving message 6
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 6: waiting for response
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 6: got response 0xc00016c5b0
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: LDAP Response: (Universal, Constructed, Sequence and Sequence of) Len=12 "<nil>"
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Message ID: (Universal, Primitive, Integer) Len=1 "6"
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Search Result Done: (Application, Constructed, 0x05) Len=7 "<nil>"
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Result Code (Success): (Universal, Primitive, Enumerated) Len=1 "0"
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Matched DN (): (Universal, Primitive, Octet String) Len=0 ""
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: Success: (Universal, Primitive, Octet String) Len=0 ""
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 Sending quit message and waiting for confirmation
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 Finished message 6
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 Shutting down - quit message received
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: 2025/12/16 17:18:47 Closing network connection
>
> Dec 16 17:18:47 vsxxstorkxxx01 stork-server[15142]: time="2025-12-16 17:18:47" level="info" msg="HTTP request served" file=" middleware.go:106 " method="POST" path="/api/sessions" remote="172.18.6.127:62076" size="0" status="400" text_status="Bad Request" took="17.738978ms"
>
> root at vsxxstorkxxx01:/etc/stork/certs#
>
>
>
> Thanks for your help!
>
>
>
> Greetings
> _________________________________________
> Vincent Peters
>
> Stadt Chur
>
> --
> Stork-users mailing list
> Stork-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/stork-users
More information about the Stork-users
mailing list