LDAP Authenticator error 500 creating user

marcusmills · January 11, 2021, 5:28pm

Can anyone help please?

After configuring LDAP authenticator, users with spaces in the CN value, like “CN=John Smith” log in and receive an error.

_"500 : Internal Server Error
Error in Authenticator.pre_spawn_start: CalledProcessError Command ‘[‘useradd’, ‘–create-home’, ‘jupyter-john smith-eccf8’]’ returned non-zero exit status 3.

You can try restarting your server from the home page."_

How to reproduce

Configure Jupyter Hub with the following ldap authentication options and use a user with a space in their CN.

c.authenticator_class = 'ldapauthenticator.LDAPAuthenticator'
c.LDAPAuthenticator.server_address = 'contoso.com'
c.LDAPAuthenticator.lookup_dn = True
c.LDAPAuthenticator.lookup_dn_search_filter = '({login_attr}={login})'
c.LDAPAuthenticator.lookup_dn_search_user = '<snip>'
c.LDAPAuthenticator.lookup_dn_search_password = '<snip>'
c.LDAPAuthenticator.user_search_base = 'OU=users,DC=contoso,DC=com'
c.LDAPAuthenticator.user_attribute = 'sAMAccountName'
c.LDAPAuthenticator.lookup_dn_user_dn_attribute = 'cn'
c.LDAPAuthenticator.escape_userdn = True
c.LDAPAuthenticator.bind_dn_template = '{username}'
c.LDAPAuthenticator.use_lookup_dn_username = True

Using TLJH

OS:
Version(s): lsb_release -a
Distributor ID: Ubuntu
Description: Ubuntu 18.04.5 LTS
Release: 18.04
Codename: bionic

For clarity we are using TLJH and here is the config we used.

sudo tljh-config set auth.LDAPAuthenticator.server_address = ‘contoso.com’
sudo tljh-config set auth.LDAPAuthenticator.lookup_dn = True
sudo tljh-config set auth.LDAPAuthenticator.lookup_dn_search_filter = ‘({login_attr}={login})’
sudo tljh-config set auth.LDAPAuthenticator.lookup_dn_search_user = ‘’
sudo tljh-config set auth.LDAPAuthenticator.lookup_dn_search_password = ‘’
sudo tljh-config set auth.LDAPAuthenticator.user_search_base = ‘OU=users,DC=contoso,DC=com’
sudo tljh-config set auth.LDAPAuthenticator.user_attribute = ‘sAMAccountName’
sudo tljh-config set auth.LDAPAuthenticator.lookup_dn_user_dn_attribute = ‘cn’
sudo tljh-config set auth.LDAPAuthenticator.escape_userdn = True
sudo tljh-config set auth.LDAPAuthenticator.bind_dn_template = ‘{username}’
sudo tljh-config set auth.LDAPAuthenticator.use_lookup_dn_username = True

@yuvipanda - I’d really appreciate your thoughts pretty pls?

andyk · June 21, 2021, 7:20am

I have exactly the same issue. Is this solved?

andyk · June 21, 2021, 8:16am

I was able to solve this by adding this line to the configuration file:
c.LDAPAuthenticator.use_lookup_dn_username = False

It seems that it then uses sAMAccountName as JupyterHub username instead of CN.

Topic		Replies	Views
OAuthenticator 500 internal server error The Littlest JupyterHub help-wanted	6	582	January 9, 2024
Starting userldap id instead "jovyan" Zero to JupyterHub on Kubernetes jupyterhub , how-to , help-wanted	3	1113	April 6, 2023
Intternal server error 500 with KDCAutheticator Zero to JupyterHub on Kubernetes	2	665	March 17, 2021
ldap3.core.exceptions.LDAPSocketReceiveError: with 500 : Internal Server Error Zero to JupyterHub on Kubernetes	1	724	September 23, 2021
Need help with LDAP authentication - 500 : Internal Server Error JupyterHub	1	960	February 15, 2021

LDAP Authenticator error 500 creating user

How to reproduce

Related topics