Upgrading Vault Wipes LDAP Settings?

tyler.yosick · August 10, 2021, 7:07pm

Currently running Vault 1.3.2. I tried to upgrade to v 1.5.3 to resolve some vulnerabilities with 1.3.2. After replacing the binary and starting vault, I noticed I was no longer able to sign into Vault GUI with my LDAP credentials.

My question is does vault somehow wipe out LDAP settings after an upgrade? We are using Consul for storage so the only thing that was changed was the binary version. Any thoughts here?

The error I received upon trying to log in with LDAP credentials was

“Authentication failed: ldap operation failed: unable to retrieve user bind DN”.

mikegreen · August 11, 2021, 2:35pm

Look thru the release notes pages on vaultproject.io for each version you’re going thru. At some point, there was an issue w configs that had upndomain
It might have been fixed > 1.5, but I think the fix was removing upndomain…

Also, at this point, I’d rec going to 1.7.x/more-recent version.

tyler.yosick · August 11, 2021, 5:28pm

I didn’t see any “known issues” under Vault version 1.5.3. Perhaps upgrading to a different version will lead to a different outcome. Thanks for the reply.

mikegreen · August 12, 2021, 4:09pm

Did you look thru the release notes for each version from the version you’re at, to the version you’re going to?

Topic		Replies	Views
Vault Version Upgrade - Policies not assigned anymore since 1.12.6 Vault	2	204	May 26, 2023
Facing ldap authentication issue Vault vault	1	1132	March 15, 2021
Vault kerberos authentication LDAP binddn lookup fails Vault	1	387	January 10, 2023
Unable to login with same user that is used to LDAP bind with Vault	5	1527	April 9, 2020
Authentication failed: ldap operation failed: failed to bind as user Vault	0	331	April 26, 2023

Upgrading Vault Wipes LDAP Settings?

Related topics