LDAP authentication|SQLSTATE[HY000] [2005] Unknown MySQL server host|Icingaweb2

This forum was archived to /woltlab and is now in read-only mode.
  • Hello Everyone,


    Earlier I'd setup Icinga in HA with separate mysql DB,integrated it with AD server and everything was working perfectly fine. Recently our AD servers were changed and this requires us to update the LDAP configuration on Icinga.


    I then updated the AD information in Icinga console at Configuration-->Application pane and created resource and new user backend group in authentication pane with which all the new users were discovered and I thought its done.


    But once I stopped my old AD servers, the Icinga application was not able to connect with the RDS instance and gave me error on the console:-


    SQLSTATE[HY000] [2005] Unknown MySQL server host 'xxxxxxxxxxxxxxxxxxxxxxxxx' (110)


    Even I'm not able to login with my Icinga admin credentials post stopping the AD instance.


    Can anyone please suggest how that can be fixed? What is the thing that I'm missing here.


    Kindly post your suggestion and do revert in case of any query.


    Thanks,

  • Hi,


    please stop bumping threads. Once someone got the time to answer you, you'll surely get one.


    The error you gave indicates a MySQL connection issue, not an ActiveDirectory one. Are you sure it's the only error message that appears in the log?
    Icinga Web 2 should still allow you to login through any other working backend in case one suffers from a problem and refuses to work. If you're really not able to login through either backend you must have got multiple error messages.

  • Hi @JoNe


    I'm only getting this SQL error on console once I stop my AD servers. Even if I try to validate my DB configuration, it starts processing but does nothing. The strange part is the time I again start my old AD servers, everything works well.


    The concern that I've here is in the LDAP configuration(on icingaweb console), I've mentioned my new AD server details. That new AD server is able to fetch all the users and validates the configuration as well. But everytime, I stop my old AD servers(that has been removed from LDAP configuration), tends to effect my DB connection to icinga resulted in giving the SQL error.

  • Well, the error from MySQL indicates that the name of the host can't be resolved. Is your DNS server also affected somehow? Or DNS resolution in general?

  • No, DNS server is not affected and seems to be working fine.


    I ran tcpdump command on my Icinga master server with dst to old AD server and found that the monitoring server is reaching out to my RDS instance via Old AD server. This is how the results look like.


    >>tcpdump dst Old_AD_server


    IP ICINGA_Server.xxxx > Old_AD_server.domain: yyyy+ A? RDS_DB_Server. (68)
    IP ICINGA_Server.xxxx > Old_AD_server.domain: zzzz+ AAAA? RDS_DB_Server. (68).

  • No, DNS server is not affected and seems to be working fine.

    Does this also apply to the MySQL hostname? How and where did you check this? Was the old AD server stopped or running at the time?

  • I didn't check anything specifically. After I added my Icinga server to new AD domain, I did nslookup to my DB instance and it was resolving the hostname with new DNS server.


    If there is a need to check, can you please suggest how can I do it?


    Regards,
    Yash