Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Xmlrpc.php: ERROR! Either LDAP search failed, or multiple users were found.

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 2 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      ljorgensen
      last edited by

      Hi,

      When synchronising from master to slave, the slave reports an LDAP error multiple times. As far as I know LDAP works fine. I can go into Diagnostics → Authentication and do LDAP auth on both the master and slave. What does the error mean?

      
      Feb 13 09:54:43 pfsense-02 php-fpm[89552]: /xmlrpc.php: ERROR! Either LDAP search failed, or multiple users were found.
      Feb 13 09:54:46 pfsense-02 php-fpm[89552]: /xmlrpc.php: ERROR! Either LDAP search failed, or multiple users were found.
      Feb 13 09:54:57 pfsense-02 check_reload_status: Syncing firewall
      Feb 13 09:54:57 pfsense-02 php-fpm[10931]: /xmlrpc.php: ERROR! Either LDAP search failed, or multiple users were found.
      Feb 13 09:54:57 pfsense-02 check_reload_status: Reloading filter
      Feb 13 09:54:57 pfsense-02 php-fpm[10931]: /xmlrpc.php: ROUTING: setting default route to 130.226.230.1
      Feb 13 09:54:57 pfsense-02 php-fpm[10931]: /xmlrpc.php: Resyncing OpenVPN instances.
      Feb 13 09:54:57 pfsense-02 kernel: ovpns1: link state changed to DOWN
      Feb 13 09:54:57 pfsense-02 check_reload_status: Reloading filter
      Feb 13 09:54:58 pfsense-02 kernel: ovpns1: link state changed to UP
      Feb 13 09:54:58 pfsense-02 check_reload_status: rc.newwanip starting ovpns1
      Feb 13 09:54:59 pfsense-02 xinetd[33035]: Starting reconfiguration
      Feb 13 09:54:59 pfsense-02 xinetd[33035]: Swapping defaults
      Feb 13 09:54:59 pfsense-02 xinetd[33035]: readjusting service 6969-udp
      Feb 13 09:54:59 pfsense-02 xinetd[33035]: Reconfigured: new=0 old=1 dropped=0 (services)
      Feb 13 09:54:59 pfsense-02 php-fpm[89552]: /rc.newwanip: rc.newwanip: Info: starting on ovpns1.
      Feb 13 09:54:59 pfsense-02 php-fpm[89552]: /rc.newwanip: rc.newwanip: on (IP address: 10.106.100.1) (interface: []) (real interface: ovpns1).
      Feb 13 09:54:59 pfsense-02 php-fpm[89552]: /rc.newwanip: rc.newwanip called with empty interface.
      Feb 13 09:54:59 pfsense-02 check_reload_status: Reloading filter
      Feb 13 09:54:59 pfsense-02 php-fpm[89552]: /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection -  ->  10.106.100.1 - Restarting packages.
      Feb 13 09:54:59 pfsense-02 check_reload_status: Starting packages
      Feb 13 09:54:59 pfsense-02 xinetd[33035]: Starting reconfiguration
      Feb 13 09:54:59 pfsense-02 xinetd[33035]: Swapping defaults
      Feb 13 09:54:59 pfsense-02 xinetd[33035]: readjusting service 6969-udp
      Feb 13 09:54:59 pfsense-02 xinetd[33035]: Reconfigured: new=0 old=1 dropped=0 (services)
      Feb 13 09:55:00 pfsense-02 php-fpm[89552]: /rc.start_packages: Restarting/Starting all packages.
      
      
      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        It's probably trying to verify the sync user (e.g. admin) password. Since it doesn't match LDAP, it falls back to local auth and succeeds.

        On 2.4 you can use a custom username there, once you are on 2.4 you should be able to make that sync user in LDAP and it should be happy that way.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • L
          ljorgensen
          last edited by

          Thanks, that makes sense. Would that also explain the 15-20 second wait for a sync to complete?

          Oh, wait. I'm on 2.3.2 and I already have the ability to specify a sync user-name (attached, I hope). Can I specify an LDAP user here, or should I wait for 2.4?

          syncuser.png
          syncuser.png_thumb

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            On 2.3.x that field does nothing meaningful. 'admin' is hardcoded in the backend and assumed in a couple places. Have to wait for 2.4 for that.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.