RT 5.0.8
What happened some days ago is:
rt-ldapimportstarted.- RT Log:
[error]: LDAP search failed Unexpected EOF - RT deleted all users from groups synchronized by LDAP.
- Every body lost their access to queues (based on group rights).
Does this happened to anyone before?
I’ve found that the error control must be more fine grained in line 510 from the file lib/RT/LDAPImport.pm
The default behavior is going to “last” if something goes wrong. It’s ok if a user is not longer a member from a group, must to be deleted.
The problem arises in other error like LDAP_OPERATIONS_ERROR leading to a “Unexpected EOF”, where the sync must to stop, but it continues deleting all the members not found by the failed read operation to the LDAP.
OK, we must tune the LDAP (internal error) but RT must to be more resilient from errors. Maybe it must check if the error is LDAP_OPERATIONS_ERROR, LDAP_SERVER_DOWN, etc. and exit.