New issues with LDAP Login after Synology update

[CChris 58]

HI, after Synology roled out an update on their DiskStation, including an update on the AD Server implementation (now the app is only called Directory Server for Windows Domain) I can't use the LDAP authentification which was setup in Emby anymore.

 

Now, the log is showing the following error:

2019-05-29 20:32:36.240 Info HttpClient: POST https://mb3admin.com/admin/service/registration/validate
2019-05-29 20:32:36.522 Error UserManager: Error authenticating with provider LDAP
	*** Error Report ***
	Version: 4.1.1.0
	Command line: /volume1/@appstore/EmbyServer/releases/4.1.1.0/EmbyServer.dll -package synology -programdata /var/packages/EmbyServer/target/var -ffmpeg /var/packages/EmbyServer/target/ffmpeg/bin/ffmpeg -ffprobe /var/packages/EmbyServer/target/ffmpeg/bin/ffprobe -ffdetect /var/packages/EmbyServer/target/ffmpeg/bin/ffdetect -restartexitcode 121
	Operating system: Unix 4.4.59.0
	64-Bit OS: True
	64-Bit Process: True
	User Interactive: True
	Runtime: file:///volume1/@appstore/EmbyServer/3rdparty/netcore/2.2.1/runtime/System.Private.CoreLib.dll
	Processor count: 2
	Program data path: /var/packages/EmbyServer/target/var
	Application directory: /volume1/@appstore/EmbyServer/releases/4.1.1.0
	Novell.Directory.Ldap.LdapException: LdapException: Unable to connect to server ds218.ad.caina.de:686 (91) Connect Error
	System.Net.Internals.SocketExceptionFactory+ExtendedSocketException (111): Connection refused 192.168.52.250:686
	   at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress) in /source/corefx/src/System.Net.Sockets/src/System/Net/Sockets/Socket.cs:line 4418
	   at System.Net.Sockets.Socket.Connect(EndPoint remoteEP) in /source/corefx/src/System.Net.Sockets/src/System/Net/Sockets/Socket.cs:line 833
	   at Novell.Directory.Ldap.Connection.Connect(String host, Int32 port, Int32 semaphoreId)
	Source: LDAP
	TargetSite: Void Connect(System.String, Int32, Int32)
	InnerException: System.Net.Internals.SocketExceptionFactory+ExtendedSocketException: Connection refused 192.168.52.250:686
	Source: System.Net.Sockets
	TargetSite: Void DoConnect(System.Net.EndPoint, System.Net.Internals.SocketAddress)
	   at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress) in /source/corefx/src/System.Net.Sockets/src/System/Net/Sockets/Socket.cs:line 4418
	   at System.Net.Sockets.Socket.Connect(EndPoint remoteEP) in /source/corefx/src/System.Net.Sockets/src/System/Net/Sockets/Socket.cs:line 833
	   at Novell.Directory.Ldap.Connection.Connect(String host, Int32 port, Int32 semaphoreId)
	
2019-05-29 20:32:36.557 Info HttpClient: POST https://connect.emby.media/service/user/authenticate
2019-05-29 20:32:37.190 Info UserManager: Authentication request for Christoph Caina has been denied.
2019-05-29 20:32:37.256 Warn HttpServer: AUTH-ERROR: 109.192.243.27 - Invalid user or password entered.
2019-05-29 20:32:37.256 Error HttpServer: Invalid user or password entered.

I've seen an error message during the update of the Server component, but, everything seems working as normal (Windows Login, Fileaccess to the NAS, etc.) - only emby does show the error, that it could not find the LDAP Server.
But nothing has changed within the setup...

Any Idea, or has someone faced a similar issue after the latest update?

Details:
DSM Version: DSM 6.2.2-24922

Thanks and with best regards,

Christoph

[Luke 37060]

I don't know the answer to this, but there are some knowledgeable LDAP users in this topic:

 

https://emby.media/community/index.php?/topic/56793-ldap-plugin/

 

But judging by the error message it makes it seem as if the address and/or port needs changing.

[CChris 58]

Yes, that's what I also thought.
But changing the address did not work (the IP is where the LDAP Server is running) - and changing the Port / disabling SSL caused another error, where the resonse is: "secured connection is required" - so, from that point, I would think, it should work - and it has worked with exact this setting, until the update was rolled out.

The other option would be, to uninstall the directory server and setup everything again, including to add the clients to the domain again.
But this was something, I hoped I could avoid