Problems installing plugin/theme when using the LDAP plugin

zxc · October 30, 2025, 1:31pm

I’m trying to install my theme the following way:

I place the plugin/theme-folder in /var/www/peertube-theme-ra
peertube-cli auth add -u https://peertube.ra.no -U my_username --password “my top secret password”
1. I’ve tried with two different users, the root user and my regular LDAP admin user.
I try to install with: peertube-cli plugins install --path /var/www/peertube-theme-ra

The result is:

Cannot install plugin: Expected status 200, got 400.
The server responded: « {« type »:« PeerTube »,« detail »:« Invalid grant: user credentials are invalid »,« status »:400,« docs »:« PeerTube »,« code »:« invalid_grant »} ».
You may take a closer look at the logs. To see how to do so, check out this page: PeerTube/support/doc/development/tests.md at develop · Chocobozzz/PeerTube · GitHub

In the log I get the following error messages:

For the root user:

{« level »:« warn »,« message »:« Cannot login root in LDAP plugin. »,« label »:« peertube.ra.no:443 peertube-plugin-auth-ldap »,« err »:« no such user: « root » »,« timestamp »:« 2025-10-30T13:17:04.814Z »}

For the LDAP admin user:

{« level »:« warn »,« message »:« Cannot login my_user_name in LDAP plugin. »,« label »:« peertube.ra.no:443 peertube-plugin-auth-ldap »,« err »:{« stack »:« InvalidCredentialsError: 80090308: LdapErr: DSID-0C090457, comment: AcceptSecurityContext error, data 52e, v3839\u0000\n at messageCallback (/var/www/peertube/storage/plugins/node_modules/ldapjs/lib/client/client.js:1220:45)\n at Parser.onMessage (/var/www/peertube/storage/plugins/node_modules/ldapjs/lib/client/client.js:888:14)\n at Parser.emit (node:events:519:28)\n at Parser.write (/var/www/peertube/storage/plugins/node_modules/ldapjs/lib/messages/parser.js:107:8)\n at Socket.onData (/var/www/peertube/storage/plugins/node_modules/ldapjs/lib/client/client.js:875:22)\n at Socket.emit (node:events:519:28)\n at addChunk (node:internal/streams/readable:561:12)\n at readableAddChunkPushByteMode (node:internal/streams/readable:512:3)\n at Readable.push (node:internal/streams/readable:392:5)\n at TCP.onStreamRead (node:internal/stream_base_commons:189:23) »,« lde_message »:« 80090308: LdapErr: DSID-0C090457, comment: AcceptSecurityContext error, data 52e, v3839\u0000 »,« lde_dn »:null},« timestamp »:« 2025-10-30T13:18:17.284Z »}

This method used to work before, but that was before we started using the LDAP plugin.

Do I have to approach this differently with the LDAP plugin enabled? Or is there anything else I might be doing wrong?

Chocobozzz · October 31, 2025, 1:24pm

I think there’s something wrong with your LDAP server or PeerTube configuration.

Regarding the CLI, it should work with root since this user doesn’t use LDAP auth. Can you check the output of peertube-cli auth list?

zxc · October 31, 2025, 1:53pm

Login with the LDAP-user works just fine when using the web interface.

Anyway, I don’t think it’s related to LDAP, at least not with the root user, but passwords with spaces. If I change the root password to a password without spaces, it works fine.

peertube-cli auth add -u https://peertube.ra.no -U root --password "Bla bla bla"

Results in a .netrc file with:

machine https://peertube.ra.no login root password Bla bla bla

That is, without quotes, which doesn’t work and gives me “Invalid grant: user credentials are invalid” when I try to install.

And that also happens if I edit my .netrc to:

machine https://peertube.ra.no login root password "Bla bla bla"