Please make vendor_name and vendor_version optional in check_connection for LDAP integrations

[vic164]

Is your feature request related to a problem? Please describe.

We are using as our LDAP server in combination with Authentik. Currently, the check_connection function in Authentik expects the LDAP server_info response to include the attributes vendor_name and vendor_version.
When these fields are absent (as is the case with Glauth), check_connection fails with an exception. Moreover, repeated attempts result in multiple unclosed connections to the LDAP server, potentially exhausting file descriptors and resources.

Describe the solution you'd like

Introduce configuration options to make the vendor_name and vendor_version fields optional in check_connection. Authentik should be able to gracefully handle the absence of these attributes, either by skipping the check or by using default/fallback values.

Additional context

Improves compatibility with LDAP servers that do not provide vendor_name or vendor_version (like Glauth).
Prevents resource exhaustion caused by repeated failed connection attempts.
Enhances stability and flexibility of Authentik in diverse LDAP environments.

[BeryJu]

Could you post the stacktrace you're getting?

[vic164]

Hi @BeryJu

{
    "user": {},
    "action": "system_task_exception",
    "app": "authentik.tasks.middleware",
    "context": {
        "actor": "authentik.sources.ldap.tasks.ldap_connectivity_check",
        "message": "Task authentik.sources.ldap.tasks.ldap_connectivity_check encountered an error",
        "rel_obj": {
            "pk": "205014dd13fc4db798a1fc3d89acc6bb",
            "app": "authentik_tasks_schedules",
            "name": "Schedule authentik.sources.ldap.tasks.ldap_connectivity_check:authentik.sources.ldap.tasks.ldap_connectivity_check:ldaphost",
            "model_name": "schedule"
        },
        "exception": [
            {
                "frames": [
                    {
                        "name": "process_message",
                        "lineno": 487,
                        "locals": {
                            "e": "AttributeError(\"'NoneType' object has no attribute 'vendor_name'\")",
                            "res": "None",
                            "self": "<_WorkerThread(Thread-6, started daemon 140245420984000)>",
                            "actor": "\"Actor(<function ldap_connectivity_check at 0x7f8d7e7565c0>, queue_name='default'\"+68",
                            "throws": "None",
                            "message": "<dramatiq.broker.MessageProxy object at 0x7f8d3f0ebb30>"
                        },
                        "filename": "/ak-root/.venv/lib/python3.13/site-packages/dramatiq/worker.py"
                    },
                    {
                        "name": "__call__",
                        "lineno": 185,
                        "locals": {
                            "args": "(UUID('60a440d7-15e8-4f91-b7f8-11fbaa938462'),)",
                            "self": "\"Actor(<function ldap_connectivity_check at 0x7f8d7e7565c0>, queue_name='default'\"+68",
                            "delta": "0.21845028549432755",
                            "start": "27194161.49712916",
                            "kwargs": "{}"
                        },
                        "filename": "/ak-root/.venv/lib/python3.13/site-packages/dramatiq/actor.py"
                    },
                    {
                        "name": "ldap_connectivity_check",
                        "lineno": 43,
                        "locals": {
                            "pk": "UUID('60a440d7-15e8-4f91-b7f8-11fbaa938462')",
                            "source": "<LDAPSource: ldaphost>",
                            "timeout": "7200"
                        },
                        "filename": "/authentik/sources/ldap/tasks.py"
                    },
                    {
                        "name": "check_connection",
                        "lineno": 311,
                        "locals": {
                            "conn": "\"Connection(server=Server(host='ldaphost', port=636, use_ssl=True, allowed_referr\"+533",
                            "self": "<LDAPSource: ldaphost>",
                            "server": "\"Server(host='ldaphost', port=636, use_ssl=True, allowed_referral_hosts=[('*', Tr\"+110",
                            "servers": "\"ServerPool(servers=[Server(host='ldaphost', port=636, use_ssl=True, allowed_refe\"+180",
                            "server_info": "{}"
                        },
                        "filename": "/authentik/sources/ldap/models.py"
                    }
                ],
                "exc_type": "AttributeError",
                "is_cause": false,
                "is_group": false,
                "exc_notes": [],
                "exc_value": "'NoneType' object has no attribute 'vendor_name'",
                "exceptions": [],
                "syntax_error": null
            }
        ]
    },
    "expires": "2026-09-17T09:53:41.276Z",
    "brand": {
        "pk": "f4354d0708d3485897e733b52744effe",
        "app": "authentik_brands",
        "name": "Brand fallback",
        "model_name": "brand"
    }
}

[vic164]

Hi @BeryJu
just wanted to kindly follow up — could you please let me know if you are planning to add the feature I asked about?