LDAP authentication – log OK even if it can reach the LDAP server

I’m trying to use an LDAP server to authenticate the users in CF. during my test I notice a strange behavior leading to confusion.
It seems that some OK logs are generated even if CF is not able to reach the LDAP server. To reproduce that I set up a wrong port for my ldap server 15423 and then try to log on the UI.
In the “Audit log” section of the UI I have a log which may indicate that the logging was OK:

[----] I, [2017-01-27T15:46:32.150597 #3033:e47f8c] INFO – Success: MIQ(Common.settings_update_save) userid: [admin] - VMDB config updated (ldapport:[389] to [56])
[----] I, [2017-01-27T15:46:38.364219 #3033:e43108] INFO – Success: MIQ(Common.settings_update_save) userid: [admin] - VMDB config updated (ldapport:[56] to [15423])
[----] I, [2017-01-27T15:46:48.826632 #3055:e2fc84] INFO – Success: MIQ(Authenticator.authenticate) userid: [pcwalker] - User cn=pcwalker,ou=interactiveusers,dc=msp,dc=XXXXXXX,dc=net successfully validated by LDAP

Nevertheless when checking the other log “CFME log” in the UI I see an error when CF is trying to contact the LDAP server:

[----] I, [2017-01-27T15:46:49.712047 #3033:e42654] INFO – : MiqLdap.connection: Connecting to IP Address [172.24.65.97]
[----] E, [2017-01-27T15:46:49.716987 #3033:e42654] ERROR – : [Net::LDAP::Error]: unable to establish a connection to server Method:[rescue in authenticate]
[----] E, [2017-01-27T15:46:49.717351 #3033:e42654] ERROR – : /var/www/miq/vmdb/lib/miq_ldap.rb:97:in resolve_host'/var/www/miq/vmdb/lib/miq_ldap.rb:55:ininitialize’

This is normal since there is nothing on the port I choose but the other log in “Audit” is misleading. This led me to lose some time before I understand that the log “successfully validated by LDAP” was wrong and that there were an issue with my config.

I think it would be good to prevent the log “OK” in the audit if there is an error.

Thanks for reporting this @Charles_Walker.
Could you open an issue in github: https://github.com/manageiq/manageiq/issues
This will make sure it gets into the proper developer’s hands to resolve.

When the issue is created, please post the link here so we know it’s being tracked.

Thx for quick feedback.
Done.