Plone 5.0.7 LDAP - pas.plugins.ldap-1.5.1 connection test fails

Hi, trying to get LDAP working and have gotten everything installed and at the plugin configuration stage but I'm hitting this error, hoping someone can point be in the right direction please.

System :
Ubuntu 16.04.2 LTS - Xenial

Plone 5.0.7 (5017)
CMF 2.2.10
Zope 2.13.26
Python 2.7.12 (default, Nov 19 2016, 06:48:10) [GCC 5.4.0 20160609]
PIL 3.4.2 (Pillow)

Buildout with added dependencies shows no errors :
PyYAML = 3.12
bda.cache = 1.1.3
node = 0.9.18.1
node.ext.ldap = 1.0b3
node.ext.ugm = 0.9.8
odict = 1.5.2
pas.plugins.ldap = 1.5.1
plone.recipe.command = 1.1
plone.recipe.precompiler = 0.6
plumber = 1.3.1
python-ldap = 2.4.32
python-memcached = 1.58
smbpasswd = 1.0.2
yafowil = 2.2
yafowil.plone = 2.4.1
yafowil.widget.array = 1.4
yafowil.widget.dict = 1.6
yafowil.yaml = 1.2

Enter server / user details on plugin config panel produces this error when saved :

2017-03-28 14:51:20 ERROR pas.plugins.ldap Non-LDAP error while connection test!
Traceback (most recent call last):
File "/var/www/plone/buildout-cache/eggs/pas.plugins.ldap-1.5.1-py2.7.egg/pas/plugins/ldap/properties.py", line 153, in connection_test
ugm.users.iterkeys().next()
StopIteration

Messing around with the Users container DN causes unknown object errors as expected, but when it is corrected I hit this error.

Further info : LDAP server is 2008R2 AD

Commenting our the test lines in ldap/properties.py shows the LDAP Inspector on the config page which , when opened, correctly binds and shows a list of expected containers.

When clicking one of the listed containers the debug shell outputs the following error :

ERROR Zope.SiteErrorLog 1490765253.00.938157870691 http://192.168.x.x:8080/Plone2/@@plone_ldapnodeattributes
Traceback (innermost last):
Module ZPublisher.Publish, line 138, in publish
Module ZPublisher.mapply, line 77, in mapply
Module ZPublisher.Publish, line 48, in call_object
Module pas.plugins.ldap.plonecontrolpanel.inspector, line 50, in node_attributes
Module node.ext.ldap._node, line 443, in node_by_dn
ValueError: Invalid base DN

Users container DN is ou=Users,ou=OFFICE,dc=businessname,dc=local (making the OU=, DC= capitals causes a Unicode decode error out of interest)

This is likely a PEBKC error, but any hints gratefully accepted.

This sounds like a configuration error.

UnicodeDecodeError errors occur usually when a unicode string and a byte string are combined by a string operation or (more generally) when you use a byte string at a place where a unicode string is expected. In those cases, the byte string is decoded with the so called "default encoding" to get the corresponding unicode string -- and you get a UnicodeDecodeError when this fails.

Capitalizing the "ou" does not introduce a problem for the "default encoding". This means that the real problem is somewhere else.

One possibility would be that the lower case "ou" has caused an error before the UnicodeDecodeError was reached (maybe, the bad base_dn).

Anyway, somewhere, you have a byte string used at a place where a unicode string is required and it contains characters not handled by the employed encoding (maybe, the "default encoding").

Thanks Dieter, I set the system local to en_US (previously en_NZ) and this has removed that unicode error, but unfortunately the primary DN error still exists.

As a test I spun up a Ubuntu 14.04 VM and installed there with the same resulting error.

I also note that the other active LDAP issue reported by @cfa on this forum is now hitting the same error.

That error has caused a ValueError. In the corresponding traceback, you will find which function has raised the exception. Look at its source code.

The error has either initiated in the LDAP server (less likely) or in the client. In the latter case, you should be able to determine from the source code, what precisely it does not like about the DN -- and modify the configuration accordingly. In the former case, the LDAP server logs may provide additional information about what it did not like.