https://github.com/massemanet/eper/blob/master/doc/redbug.txt
Attach to the running erlang process on running EC11x or Chef 12 systems
/opt/opscode/embedded/bin/erl -name me@127.0.0.1 -remsh erchef@127.0.0.1 -setcookie erchef
Show the LDAP config loaded from /var/opt/opscode/opscode-erchef/etc/app.config
Config = envy:get(oc_chef_wm, ldap, list).
Wait for/show calls coming in to various functions used during an LDAP auth
redbug:start("oc_chef_wm_authn_ldap:find_and_authenticate_user->return",[{time,120000},{msgs,50}] ).
Go to the webui and try to login. You should either get an error, or the output of the LDAP config and the return value from oc_chef_wm_authn_ldap:find_and_authenticate_user/4 which should be the user record from the internal Chef Server user DB.
If you think you are getting past the bind with the LDAP server, you can try this before another attempted login to see the complete LDAP search step, which is between the bind and the retrieval of the Chef Server user DB record
redbug:start("eldap:log2->return",[{time,120000},{msgs,50}]).
Another useful function might be result_to_user_ejson. It will show both the LDAP record and the Chef Server DB record. You can use this output to determine whether the record we are returning from the Chef Server DB users table is complete with FirstName, LastName, Email.
redbug:start("oc_chef_wm_authn_ldap:result_to_user_ejson->return",[{time,120000},{msgs,50}]).
Exit the erlang shell without killing the erlang process we attached to
Ctrl-g
q