Hi Jochen, the password_secret is consistent. I see this on the graylog-server logs:
ERROR [AESTools] Could not decrypt value. mongodb javax.crypto.BadPaddingException: Given final block not properly padded it seems mongo is not passing the userbase to the graylog-server, any way I can force the syncronization? mongo is not configured for SSL/TLS On Wednesday, July 22, 2015 at 3:32:21 AM UTC-7, Jochen Schalanda wrote: > > Hi Angelo, > > please make sure that all Graylog nodes are using the same MongoDB > database and that password_secret ( > https://github.com/Graylog2/graylog2-server/blob/1.1.4/misc/graylog2.conf#L9-11) > > is identical on each node. > > Cheers, > Jochen > > On Wednesday, 22 July 2015 10:40:34 UTC+2, Angelo Pantano wrote: >> >> I just created a new graylog2 node and I joined it to an existing >> cluster, but if I try to query its local API (with ldap or local users) I >> get 401s and in the logfile I see a bunch of these errors: >> >> ERROR [LdapUserAuthenticator] LDAP error >> 2015-07-21_21:52:33.82762 >> org.apache.directory.api.ldap.model.exception.LdapUnwillingToPerformException: >> >> unauthenticated bind (DN with no password) disallowed >> 2015-07-21_21:52:33.82763 at >> org.apache.directory.api.ldap.model.message.ResultCodeEnum.processResponse(ResultCodeEnum.java:2029) >> 2015-07-21_21:52:33.82763 at >> org.apache.directory.ldap.client.api.LdapNetworkConnection.bind(LdapNetworkConnection.java:1045) >> 2015-07-21_21:52:33.82763 at >> org.graylog2.security.ldap.LdapConnector.connect(LdapConnector.java:89) >> 2015-07-21_21:52:33.82763 at >> org.graylog2.security.realm.LdapUserAuthenticator.doGetAuthenticationInfo(LdapUserAuthenticator.java:82) >> >> my guess is that the userbase is not syncronized since I can query the >> API without problems on the other nodes. How do I have the new node use the >> existing users? >> > -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
