Troubleshooting LDAP - Nothing shows up in log

[jbcreek]

Netbox 3.4.6 - New install
Using https://netbox.indigital.net/static/docs/installation/6-ldap/ and https://django-auth-ldap.readthedocs.io/en/latest/multiconfig.html as guides.

Relevant config in configuration.py
LOGGING = {
'version': 1,
'disable_existing_loggers': False,
'handlers': {
'netbox_auth_log': {
'level': 'DEBUG',
'class': 'logging.handlers.RotatingFileHandler',
'filename': '/opt/netbox/local/logs/django-ldap-debug.log',
'maxBytes': 1024 * 500,
'backupCount': 5,
},
},
'loggers': {
'django_auth_ldap': {
'handlers': ['netbox_auth_log'],
'level': 'DEBUG',
},
},
}

Relevant config in ldap_config.py
import ldap
from django_auth_ldap.config import LDAPSearch, GroupOfNamesType
from django_auth_ldap.backend import LDAPBackend

class LDAPBackend1(LDAPBackend):
settings_prefix = "AUTH_LDAP_1_"

class LDAPBackend2(LDAPBackend):
settings_prefix = "AUTH_LDAP_2_"

AUTH_LDAP_START_TLS = True
AUTH_LDAP_1_SERVER_URI = "ldap://ftwin1-ds1.ds.indigital.net"
AUTH_LDAP_1_USER_DN_TEMPLATE = "None"
AUTH_LDAP_2_SERVER_URI = "ldap://mtgaldex-ds1.ds.indigital.net"
AUTH_LDAP_2_USER_DN_TEMPLATE = "None"
AUTHENTICATION_BACKENDS = ("netbox.ldap.LDAPBackend1", "netbox.ldap.LDAPBackend2")

Login fails and nothing is logged to /opt/netbox/local/logs/django-ldap-debug.log. The netbox user has rights to /opt/netbox/local/logs/django-ldap-debug.log. If I set the logger to django instead of django_auth_ldap, there are copious lines of logs in /opt/netbox/local/logs/django-ldap-debug.log. I would like to pare them down to just the auth_ldap logs.

[candlerb]

Just to check the obvious, did you set REMOTE_AUTH_BACKEND = 'netbox.authentication.LDAPBackend' in configuration.py, and restart netbox? If not, you aren't going to get any LDAP logs :-)

If you put an intentional syntax error in ldap_config.py, does it prevent netbox from starting?

I'd try a tcpdump on the netbox server, to see if it's making connections to the LDAP server:

tcpdump -i eth0 -nn -s0 -X tcp port 389

(replacing eth0 with whatever your external interface is that carries traffic to the LDAP server)

I also suggest you try using a simple config against a single LDAP backend, and get that working, before you go to a multi-backend setup.

Finally: I don't use LDAP with Netbox myself, but it seems highly unlikely that the DN's of your accounts are literally the string "None". You may need

AUTH_LDAP_1_USER_DN_TEMPLATE = None

(without the quotes), or to leave these out. The documentation says that the default is None, not "None".