LDAP sync successfully but cannot login by ldap #8621
Comments
|
👋 Thanks for opening your first issue here! If you're reporting a 🐞 bug, please make sure you include steps to reproduce it. We get a lot of issues on this repo, so please be patient and we will get back to you as soon as we can. |
|
@maodahua 你好,我也有一样的问题,请问你解决了吗? |
|
@hssz202pgw Not yet, I'm waiting snipe solve the issue. |
我的环境基本和你一致,web服务器用的nginx,怀疑可能是中文版的原因? |
I don't think so. I modify the language to English and nothing helpd. |
|
When possible, please post in English. (It’s okay if you have to use google translate. Bad translations are better than nothing.) We are unable to reproduce this issue right now. LDAP logins are working as expected on our end. We’re looking into it, but it’s very hard to fix a bug you can’t reproduce :( |
I can't find some log to show you even thought I turn on the debug mode. |
|
I create a new server and fresh install snipeit on it and config ldap. And I found when the first login successfully in new system, The user Note will add "last login from ldap2". when I change ldap setting and resync it dispear. |
|
For what it's worth, I'm seeing the same issue with our LDAP accounts. Noticed initially when we upgraded to 5.0.1 last week and still occurring on 5.0.4. We are not using active directory but same symptoms. I run a test sync and it shows a successful connect & bind. Running an actual sync shows a successful LDAP import. But when you go to log in with any of the LDAP accounts I receive a "username or password incorrect" message. Tested this with a few different ldap accounts and these logins were working before we updated to 5.x.
edit: we are also running our server on CentOS, and PHP version 7.2.27 installed. Ran upgrade.php, I believe our previous version was 4.7.8. 2nd edit: I think I was able to fix this for now by changing our auth query from uid= to cn= |
|
Hi
LDAP Sync works, but i cant login |
I have no idea. So I install a old version snipeit and restore the backupdata before the upgrade. |
|
I have same issue here, i can get LDAP synced and imported usere successfully. but when I try to login with one of imported AD accounts, it warns me the username or password is incorrect. Wondering if it's a known bug, or there is a fix already? |
V5.0.x have the issus. I can find a fix still now. |
ok, did you manage to solve this problem with the downgrade? |
I use V4.9.55 now. V4.x is work fine, I use this version for produce |
Mine is Snipe-IT versionv5.0.5-pre build 5457 I just built it up, never tried lower versions. |
Is this Snipte-IT version ( Snipe-IT versionv5.0.5-pre build 5457 ) working correctly ? |
we still have this issue on this version ( Snipe-IT versionv5.0.5-pre build 5457 ) |
snipe
changed the title
|
@uberbrady can you take a look? |
|
After my upgrade to v5 I had many users unable to login until I selected the LDAP option for "Append domain name to username field". This was never required for my LDAP configuration prior to v5 and we have been using Snipe-IT since v2.x Give it a try, I hope it helps someone
|
|
@VanillaNinjaD the migration that runs to get your database schema migrated from v4 to v5 should automatically set that variable during the migration process - but it looks like that didn't happen for you for some reason. |
|
@uberbrady I was one of the users bit by the weird migrations issue that some of us had during the v5 upgrade. I'm sure that had something to do with it. I only pointed it out since I noticed the screenshots above have "This is an Active Directory Server" selected but do not have the "Append domain name to username field" selected |
|
Hello everyone, today I test V5.0.7 and when I check the box "Append domain name to username field". LDAP test successfully and I can login! but in old version, No matter whether I check it or not, I can’t log in. |
|
@maodahua Great news! Thanks so much for testing that so quickly! |
|
Saludos, Correcto. Se debe seleccionar: |
|
Hi, i also had this problem solved by checking the Append domain name box. Thank you! |
|
Please try the following settings. I hope this help you guys.
|
|
Hi all, |
|
@Aliko47, that fixed my issue. I used to have the "LDAP Authentication query" field as uid=userPrincipalName I had to change it to userPrincipalName= I guess they changed the syntax in an update, and didn't update the documentation? |
Please confirm you have done the following before posting your bug report:
Describe the bug
In v5.0.4 I can sync by ldap, but I still login some account by ldap
To Reproduce
Steps to reproduce the behavior:
Expected behavior
domain account can login system after ldap sync
Screenshots
Server (please complete the following information):
Desktop (please complete the following information):
Error Messages
[10:44:31] LOG.debug: LDAP is enabled.
DEBUGLOG[10:44:31] LOG.debug: Attempting to log user in by LDAP authentication.
DEBUGLOG[10:44:31] LOG.debug: LDAP user login: Unable to validate user credentials!
DEBUGLOG
[10:44:31] LOG.debug: There was an error authenticating the LDAP user: Unable to validate user credentials!
DEBUGLOG
[10:44:31] LOG.debug: Authenticating user against database.
DEBUGLOG
[10:44:31] LOG.debug: Local authentication failed.
Additional context
The text was updated successfully, but these errors were encountered: