Random LDAP issue after upgrading to owncloud/nextcloud

[figaccio]

Steps to reproduce

1. RANDOM ISSUE

Expected behaviour

Hi all,
after an upgrade from OC 8.2.3.2 -> OC 8.2.3.10 -> OC 9.x -> 11.0.2 i'm getting a random login issue with ldap. This started immediately on OC 8.2.3.10 and is still present in Nextcloud 11.0.2.

Actual behaviour

Sometimes this error occurs

Typ: Exception
Code: 48
Nachricht: LDAP authentication method rejected
Datei: /var/www/html/apps/user_ldap/lib/LDAP.php
Zeile: 335

After some more login attempts it will accept the ldap connection.

OC 8.2.3.2 (production VM) ist still working properly, while the clone of this VM with the upgrade to Nextcloud fails. (No other components were upgraded e.g. apache/php/ etc.)

Production and test VM are both connecting to the same ldap.

Server configuration

Operating system:
Debian Jessie
Web server:
Apache/2.4.10 (Debian)
Database:
mysql Ver 15.1 Distrib 10.0.30-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2
PHP version:
PHP 7.0.17-1 dotdeb+8.1 (cli) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies
with Zend OPcache v7.0.17-1 dotdeb+8.1, Copyright (c) 1999-2017, by Zend Technologies

Nextcloud version: (see Nextcloud admin page)
Nextcloud 11.0.2.7

Updated from an older Nextcloud/ownCloud or fresh install:
upgrade from oc 8.2.3.2 -> ...... -> nc 11.0.2

Please note: a lot of other apps are connecting to the same openldap without having any issues. OC8.2.3.2 is working fine as well.

#0 /var/www/html/apps/user_ldap/lib/LDAP.php(368): OCA\User_LDAP\LDAP->processLDAPError(Resource id #87)
#1 /var/www/html/apps/user_ldap/lib/LDAP.php(295): OCA\User_LDAP\LDAP->postFunctionCall()
#2 /var/www/html/apps/user_ldap/lib/LDAP.php(46): OCA\User_LDAP\LDAP->invokeLDAPMethod('bind', Resource id #87, 'cn=my user...', 'mypassword')
#3 /var/www/html/apps/user_ldap/lib/Connection.php(613): OCA\User_LDAP\LDAP->bind(Resource id #87, 'cn=my user...', 'mypassword')
#4 /var/www/html/apps/user_ldap/lib/Access.php(1302): OCA\User_LDAP\Connection->bind()
#5 /var/www/html/apps/user_ldap/lib/User_LDAP.php(166): OCA\User_LDAP\Access->areCredentialsValid('cn=my user...', 'mypassword')
#6 /var/www/html/lib/private/User/Manager.php(193): OCA\User_LDAP\User_LDAP->checkPassword('My Name', 'mypassword')
#7 /var/www/html/lib/private/User/Session.php(632): OC\User\Manager->checkPassword('My Name', 'mypassword')
#8 /var/www/html/lib/private/User/Session.php(666): OC\User\Session->checkTokenCredentials(Object(OC\Authentication\Token\DefaultToken), 'xxxxxxx...')
#9 /var/www/html/lib/private/User/Session.php(234): OC\User\Session->validateToken('xxxxxxx...')
#10 /var/www/html/lib/private/User/Session.php(209): OC\User\Session->validateSession()
#11 /var/www/html/lib/private/App/AppManager.php(155): OC\User\Session->getUser()
#12 /var/www/html/lib/private/legacy/app.php(349): OC\App\AppManager->isEnabledForUser('user_webdavauth')
#13 /var/www/html/lib/public/App.php(132): OC_App::isEnabled('user_webdavauth')
#14 /var/www/html/apps/user_ldap/appinfo/app.php(71): OCP\App::isEnabled('user_webdavauth')
#15 /var/www/html/lib/private/legacy/app.php(214): require_once('/var/www/html/a...')
#16 /var/www/html/lib/private/legacy/app.php(155): OC_App::requireAppFile('user_ldap')
#17 /var/www/html/lib/private/legacy/app.php(125): OC_App::loadApp('user_ldap')
#18 /var/www/html/lib/base.php(987): OC_App::loadApps(Array)
#19 /var/www/html/index.php(40): OC::handleRequest()
#20 {main}

Any ideas how to solve this?

Thanks in advance

Cheers!

[MorrisJobke]

Any ideas how to solve this?

This looks a lot like an issue with the LDAP server itself. Check the LDAP server and it's logs for more hints on this.