Enhance LDAP login to not affect "failed logins" and give a meaningful error message on timeout #2389

Open
MrGeneration opened this issue Dec 4, 2018 · 0 comments


Infos:

  • Used Zammad version: 2.8.x
  • Installation method (source, package, ..): n/a
  • Operating system: n/a
  • Database + version: n/a
  • Elasticsearch version: n/a
  • Browser + version: n/a
  • Ticket-ID: #1033303, #1042723

Expected behavior:

  • When logging in (and the LDAP server is not accessible at the moment), Zammad will return a meaningful error message (e.g. "Sorry, the authentication source is currently not reachable. Contact your system administrator.") to the user instead of "invalid username or password" and also not count up the failed logins.

Actual behavior:

  • Zammad will count up failed logins if the LDAP server is not accessible for the moment and return "invalid username or password". As a result, the user will try several times until he causes a lockout of his own account.

Steps to reproduce the behavior:

  • Configure the LDAP connection in Zammad
  • Ensure your Zammad can't reach the LDAP server
  • Try to log in as agent (if you do this 10 times during downtime of the LDAP server, your account will get locked)

This is in general not a bug and (hopefully) doesn't appear too often.
Still, the handling in Zammad should be better, as the result might not be expected.
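
The behaviour requested above, sketched as an added example that is not part of the original issue and is not Zammad's code: a login handler that treats "directory unreachable" as a separate outcome from "wrong password", so an outage neither increments the failed-login counter nor grants access. `FakeDirectory`, `LoginService` and `BackendUnavailable` are hypothetical names, and the threshold of 10 is taken from the reproduction step.

```ruby
require 'socket' # defines SocketError

class BackendUnavailable < StandardError; end

# Constructed stand-in for an LDAP client; raises a timeout when the server is down.
FakeDirectory = Struct.new(:users, :reachable) do
  def bind(login, password)
    raise Errno::ETIMEDOUT, 'ldap.example.invalid:389' unless reachable
    users[login] == password
  end
end

class LoginService
  MAX_FAILED = 10 # assumed from the issue: locked after 10 failed attempts
  NETWORK_ERRORS = [Errno::ETIMEDOUT, Errno::ECONNREFUSED,
                    Errno::EHOSTUNREACH, SocketError].freeze
  UNREACHABLE_MSG = 'Sorry, the authentication source is currently not ' \
                    'reachable. Contact your system administrator.'
  attr_reader :failed

  def initialize(directory)
    @directory = directory
    @failed = Hash.new(0) # login => consecutive failed attempts
  end

  def login(login, password)
    return [:locked, 'Account locked.'] if @failed[login] >= MAX_FAILED

    if verify(login, password)
      @failed[login] = 0
      [:ok, 'Logged in.']
    else
      @failed[login] += 1
      [:denied, 'Invalid username or password.']
    end
  rescue BackendUnavailable
    # Outage, not a credential failure: fail closed, leave the counter untouched.
    [:unavailable, UNREACHABLE_MSG]
  end

  private

  # Translate transport errors into one exception so they never look like a bad password.
  def verify(login, password)
    @directory.bind(login, password)
  rescue *NETWORK_ERRORS => e
    raise BackendUnavailable, e.message
  end
end
```

Because no credential is checked while the directory is down, the `:unavailable` path gives no password-guessing signal, and an account that is already locked stays locked.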
