Cant login from ldap from in an updated owncloud

Steps to reproduce

  1. Update from 9.11 to 10.2 going through all the versions in between
  2. Add ldap “LDAP Integration”
  3. Try to log in

Expected behaviour

To log in

Actual behaviour

“Contraseña incorrecta.” (Incorrect password)

Server configuration

Operating system:
Centos 7
Web server:
httpd-2.4.6-90.el7.centos.x86_64
httpd-tools-2.4.6-90.el7.centos.x86_64
Database:
[root@mariadb10 ~]# rpm -qa | grep -i maria
MariaDB-common-10.4.11-1.el7.centos.x86_64
MariaDB-compat-10.4.11-1.el7.centos.x86_64
MariaDB-server-10.4.11-1.el7.centos.x86_64
MariaDB-client-10.4.11-1.el7.centos.x86_64
PHP version:
[root@owncloud10 ~]# rpm -qa | grep -i php
php-json-7.0.33-17.el7.remi.x86_64
php-fedora-autoloader-1.0.0-1.el7.noarch
php-pear-1.10.10-4.el7.remi.noarch
php-pspell-7.0.33-17.el7.remi.x86_64
php70-runtime-2.0-1.el7.remi.x86_64
php-ldap-7.0.33-17.el7.remi.x86_64
php-common-7.0.33-17.el7.remi.x86_64
php-process-7.0.33-17.el7.remi.x86_64
php-xml-7.0.33-17.el7.remi.x86_64
php-mysqlnd-7.0.33-17.el7.remi.x86_64
php-7.0.33-17.el7.remi.x86_64
php-mcrypt-7.0.33-17.el7.remi.x86_64
php-pecl-zip-1.17.1-1.el7.remi.7.0.x86_64
php-mbstring-7.0.33-17.el7.remi.x86_64
php70-php-common-7.0.33-17.el7.remi.x86_64
php70-php-ldap-7.0.33-17.el7.remi.x86_64
php-cli-7.0.33-17.el7.remi.x86_64
php-pdo-7.0.33-17.el7.remi.x86_64
php-gd-7.0.33-17.el7.remi.x86_64
php-intl-7.0.33-17.el7.remi.x86_64
php70-php-json-7.0.33-17.el7.remi.x86_64
ownCloud version: (see ownCloud admin page)
ownCloud 10.2.0 (stable)
Updated from an older ownCloud or fresh install:
Updated from owncloud-9.1.8 > owncloud-10.0.10 > owncloud-10.1.1 > owncloud-10.2.0
Where did you install ownCloud from:

https://download.owncloud.org/community/

Signing status (ownCloud 9.0 and above):
“Integrity checker has been disabled. Integrity cannot be verified.”

The content of config/config.php:
[root@owncloud10 owncloud]# sudo -u apache php occ config:list
{
“system”: {
“updatechecker”: false,
“instanceid”: “ocywhst7k5zd”,
“passwordsalt”: “REMOVED SENSITIVE VALUE”,
“secret”: “REMOVED SENSITIVE VALUE”,
“trusted_domains”: [
“owncloud10.t1lib.testing”
],
“datadirectory”: “/var/www/html/nextcloud/data”,
“overwrite.cli.url”: “http://owncloud10.t1lib.testing”,
“dbtype”: “mysql”,
“version”: “10.2.0.5”,
“dbname”: “owncloud”,
“dbhost”: “10.222.4.20:3306”,
“dbtableprefix”: “oc_”,
“dbuser”: “REMOVED SENSITIVE VALUE”,
“dbpassword”: “REMOVED SENSITIVE VALUE”,
“logtimezone”: “UTC”,
“installed”: true,
“mail_smtpmode”: “sendmail”,
“mail_from_address”: “REMOVED SENSITIVE VALUE”,
“mail_domain”: “REMOVED SENSITIVE VALUE”,
“ldapIgnoreNamingRules”: false,
“maintenance”: false,
“preview_libreoffice_path”: “/opt/libreoffice6.0/program/soffice”,
“appstoreenabled”: true,
“appstoreurl”: “https://marketplace.owncloud.com”,
“appstore.experimental.enabled”: true,
“theme”: “”,
“loglevel”: 0,
“singleuser”: false,
“integrity.check.disabled”: true
},
“apps”: {
“activity”: {
“enabled”: “yes”,
“installed_version”: “2.5.2”,
“signed”: “true”,
“types”: “filesystem”
},
“announcementcenter”: {
“enabled”: “no”,
“installed_version”: “1.1.2”,
“ocsid”: “173921”,
“signed”: “true”,
“types”: “”
},
“backgroundjob”: {
“lastjob”: “11”
},
“calendar”: {
“enabled”: “no”,
“installed_version”: “1.1”,
“ocsid”: “168707”,
“types”: “”
},
“cloud_federation_api”: {
“enabled”: “no”,
“installed_version”: “1.0.0”,
“types”: “filesystem”
},
“comments”: {
“enabled”: “no”,
“installed_version”: “0.3.0”,
“types”: “logging”
},
“configreport”: {
“enabled”: “no”,
“installed_version”: “0.1.1”,
“types”: “filesystem”
},
“core”: {
“backgroundjobs_mode”: “ajax”,
“installedat”: “1579196121.7338”,
“lastcron”: “1581335856”,
“lastupdatedat”: “0”,
“oc.integritycheck.checker”: “[]”,
“outgoing_server2server_share_enabled”: “no”,
“public_documents”: “documents/public.php”,
“public_files”: “files_sharing/public.php”,
“public_webdav”: “dav/appinfo/v1/publicwebdav.php”,
“remote_caldav”: “dav/appinfo/v1/caldav.php”,
“remote_calendar”: “dav/appinfo/v1/caldav.php”,
“remote_carddav”: “dav/appinfo/v1/carddav.php”,
“remote_contacts”: “dav/appinfo/v1/carddav.php”,
“remote_dav”: “dav/appinfo/v2/remote.php”,
“remote_files”: “dav/appinfo/v1/webdav.php”,
“remote_webdav”: “dav/appinfo/v1/webdav.php”,
“shareapi_allow_links”: “yes”,
“shareapi_allow_public_upload”: “no”,
“shareapi_enabled”: “yes”,
“umgmt_send_email”: “false”,
“umgmt_set_password”: “true”,
“umgmt_show_backend”: “true”,
“umgmt_show_email”: “true”,
“umgmt_show_is_enabled”: “true”,
“umgmt_show_last_login”: “true”,
“umgmt_show_storage_location”: “true”,
“vendor”: “owncloud”
},
“dav”: {
“enabled”: “yes”,
“installed_version”: “0.4.0”,
“types”: “filesystem”
},
“documents”: {
“converter”: “local”,
“converter_url”: “http://localhost:16080”,
“enabled”: “no”,
“installed_version”: “0.12.1”,
“ocsid”: “168711”,
“types”: “”
},
“federatedfilesharing”: {
“enabled”: “yes”,
“installed_version”: “0.4.0”,
“types”: “filesystem”
},
“federation”: {
“enabled”: “no”,
“installed_version”: “0.1.0”,
“types”: “authentication”
},
“files”: {
“cronjob_scan_files”: “500”,
“default_quota”: “100 GB”,
“enabled”: “yes”,
“installed_version”: “1.5.2”,
“types”: “filesystem”
},
“files_external”: {
“enabled”: “yes”,
“installed_version”: “0.7.1”,
“types”: “filesystem”
},
“files_pdfviewer”: {
“enabled”: “no”,
“installed_version”: “0.8.1”,
“ocsid”: “166049”,
“types”: “”
},
“files_rightclick”: {
“enabled”: “no”,
“installed_version”: “0.14.2”,
“types”: “”
},
“files_sharing”: {
“enabled”: “no”,
“installed_version”: “0.10.0”,
“outgoing_server2server_share_enabled”: “no”,
“types”: “filesystem”
},
“files_texteditor”: {
“enabled”: “yes”,
“installed_version”: “2.3.0”,
“ocsid”: “166051”,
“signed”: “true”,
“types”: “”
},
“files_trashbin”: {
“enabled”: “no”,
“installed_version”: “0.9.0”,
“types”: “filesystem”
},
“files_versions”: {
“enabled”: “no”,
“installed_version”: “1.3.0”,
“types”: “filesystem”
},
“files_videoplayer”: {
“enabled”: “no”,
“installed_version”: “0.9.8”,
“types”: “”
},
“firstrunwizard”: {
“enabled”: “no”,
“installed_version”: “1.1”,
“ocsid”: “166055”,
“types”: “”
},
“gallery”: {
“enabled”: “no”,
“installed_version”: “14.5.0”,
“types”: “”
},
“lookup_server_connector”: {
“enabled”: “no”,
“installed_version”: “1.5.0”,
“types”: “authentication”
},
“market”: {
“enabled”: “yes”,
“installed_version”: “0.5.0”,
“key”: null,
“signed”: “true”,
“types”: “”
},
“notifications”: {
“enabled”: “no”,
“installed_version”: “0.3.0”,
“types”: “logging”
},
“oauth2”: {
“enabled”: “no”,
“installed_version”: “1.5.0”,
“signed”: “true”,
“types”: “authentication”
},
“ojsxc”: {
“boshUrl”: “”,
“chromeExtension”: “”,
“enabled”: “no”,
“externalServices”: “”,
“firefoxExtension”: “”,
“iceCredential”: “”,
“iceSecret”: “”,
“iceTtl”: “”,
“iceUrl”: “”,
“iceUsername”: “”,
“installed_version”: “3.1.1”,
“ocsid”: “162257”,
“serverType”: “internal”,
“types”: “prelogin”,
“xmppDomain”: “”,
“xmppOverwrite”: “false”,
“xmppPreferMail”: “false”,
“xmppResource”: “”,
“xmppStartMinimized”: “false”
},
“onlyoffice”: {
“enabled”: “no”,
“installed_version”: “2.0.1”,
“ocsid”: “174798”,
“types”: “filesystem”
},
“pdflintview”: {
“enabled”: “no”,
“installed_version”: “1.0”,
“ocsid”: “169202”,
“types”: “type”
},
“provisioning_api”: {
“enabled”: “no”,
“installed_version”: “0.5.0”,
“types”: “prevent_group_restriction”
},
“recommendations”: {
“enabled”: “no”,
“installed_version”: “0.5.0”,
“types”: “”
},
“richdocuments”: {
“enabled”: “no”,
“installed_version”: “1.1.28”,
“ocsid”: “174727”,
“types”: “prevent_group_restriction”,
“wopi_url”: “http://nube.asse/owncloud
},
“serverinfo”: {
“enabled”: “no”,
“installed_version”: “1.7.0”,
“types”: “”
},
“systemtags”: {
“enabled”: “no”,
“installed_version”: “0.3.0”,
“types”: “logging”
},
“templateeditor”: {
“enabled”: “no”,
“installed_version”: “0.1”,
“types”: “”
},
“updatenotification”: {
“enabled”: “no”,
“installed_version”: “0.2.1”,
“types”: “”
},
“user_ldap”: {
“enabled”: “yes”,
“installed_version”: “0.15.0”,
“s02has_memberof_filter_support”: “”,
“s02home_folder_naming_rule”: “”,
“s02last_jpegPhoto_lookup”: “0”,
“s02ldap_agent_password”: “”,
“s02ldap_attributes_for_group_search”: “”,
“s02ldap_attributes_for_user_search”: “uid”,
“s02ldap_backup_host”: “”,
“s02ldap_backup_port”: “”,
“s02ldap_base”: “ou=people,dc=asse,dc=com,dc=uy”,
“s02ldap_base_groups”: “ou=people,dc=asse,dc=com,dc=uy”,
“s02ldap_base_users”: “ou=people,dc=asse,dc=com,dc=uy”,
“s02ldap_cache_ttl”: “600”,
“s02ldap_configuration_active”: “1”,
“s02ldap_display_name”: “”,
“s02ldap_dn”: “”,
“s02ldap_dynamic_group_member_url”: “”,
“s02ldap_email_attr”: “mail”,
“s02ldap_experienced_admin”: “1”,
“s02ldap_expert_username_attr”: “”,
“s02ldap_expert_uuid_group_attr”: “”,
“s02ldap_expert_uuid_user_attr”: “”,
“s02ldap_group_display_name”: “cn”,
“s02ldap_group_filter”: “”,
“s02ldap_group_filter_mode”: “0”,
“s02ldap_group_member_assoc_attribute”: “memberUid”,
“s02ldap_groupfilter_groups”: “”,
“s02ldap_groupfilter_objectclass”: “”,
“s02ldap_host”: “ldap.asse”,
“s02ldap_login_filter”: “uid=%uid”,
“s02ldap_login_filter_mode”: “0”,
“s02ldap_loginfilter_attributes”: “”,
“s02ldap_loginfilter_email”: “0”,
“s02ldap_loginfilter_username”: “1”,
“s02ldap_nested_groups”: “0”,
“s02ldap_network_timeout”: “2”,
“s02ldap_override_main_server”: “”,
“s02ldap_paging_size”: “500”,
“s02ldap_port”: “389”,
“s02ldap_quota_attr”: “”,
“s02ldap_quota_def”: “”,
“s02ldap_tls”: “0”,
“s02ldap_turn_off_cert_check”: “0”,
“s02ldap_user_display_name_2”: “”,
“s02ldap_user_filter_mode”: “0”,
“s02ldap_user_name”: “samaccountname”,
“s02ldap_userfilter_groups”: “”,
“s02ldap_userfilter_objectclass”: “amavisAccount\norganizationalPerson\nzimbraAccount”,
“s02ldap_userlist_filter”: “(|(objectclass=amavisAccount)(objectclass=organizationalPerson)(objectclass=zimbraAccount))”,
“s02use_memberof_to_detect_membership”: “1”,
“signed”: “true”,
“types”: “authentication”
},
“workflowengine”: {
“enabled”: “no”,
“installed_version”: “1.7.0”,
“types”: “filesystem”
}
}
}

List of activated apps:
[root@owncloud10 owncloud]# sudo -u apache php occ app:list
Enabled:

  • activity: 2.5.2
  • dav: 0.4.0
  • federatedfilesharing: 0.4.0
  • files: 1.5.2
  • files_external: 0.7.1
  • files_texteditor: 2.3.0
  • market: 0.5.0
  • user_ldap: 0.15.0
    Disabled:
  • comments
  • configreport
  • encryption
  • external
  • federation
  • files_sharing
  • files_trashbin
  • files_versions
  • files_videoplayer
  • firstrunwizard
  • notifications
  • oauth2
  • provisioning_api
  • systemtags
  • updatenotification
  • user_external
    [root@owncloud10 owncloud]#

Are you using external storage, if yes which one: local/smb/sftp/…
No
Are you using encryption: yes/no
No

Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/…

LDAP configuration (delete this part if not used)

[root@owncloud10 owncloud]# sudo -u apache php occ ldap:show-config
±------------------------------±--------------------------------------------------------------------------------------------+
| Configuration | s02 |
±------------------------------±--------------------------------------------------------------------------------------------+
| hasMemberOfFilterSupport | |
| hasPagedResultSupport | |
| homeFolderNamingRule | |
| lastJpegPhotoLookup | 0 |
| ldapAgentName | |
| ldapAgentPassword | *** |
| ldapAttributesForGroupSearch | |
| ldapAttributesForUserSearch | uid |
| ldapBackupHost | |
| ldapBackupPort | |
| ldapBase | ou=people,dc=asse,dc=com,dc=uy |
| ldapBaseGroups | ou=people,dc=asse,dc=com,dc=uy |
| ldapBaseUsers | ou=people,dc=asse,dc=com,dc=uy |
| ldapCacheTTL | 600 |
| ldapConfigurationActive | 1 |
| ldapDynamicGroupMemberURL | |
| ldapEmailAttribute | mail |
| ldapExperiencedAdmin | 1 |
| ldapExpertUUIDGroupAttr | |
| ldapExpertUUIDUserAttr | |
| ldapExpertUsernameAttr | |
| ldapGroupDisplayName | cn |
| ldapGroupFilter | |
| ldapGroupFilterGroups | |
| ldapGroupFilterMode | 0 |
| ldapGroupFilterObjectclass | |
| ldapGroupMemberAssocAttr | memberUid |
| ldapHost | ldap.asse |
| ldapIgnoreNamingRules | |
| ldapLoginFilter | uid=%uid |
| ldapLoginFilterAttributes | |
| ldapLoginFilterEmail | 0 |
| ldapLoginFilterMode | 0 |
| ldapLoginFilterUsername | 1 |
| ldapNestedGroups | 0 |
| ldapNetworkTimeout | 2 |
| ldapOverrideMainServer | |
| ldapPagingSize | 500 |
| ldapPort | 389 |
| ldapQuotaAttribute | |
| ldapQuotaDefault | |
| ldapTLS | 0 |
| ldapUserDisplayName | |
| ldapUserDisplayName2 | |
| ldapUserFilter | (|(objectclass=amavisAccount)(objectclass=organizationalPerson)(objectclass=zimbraAccount)) |
| ldapUserFilterGroups | |
| ldapUserFilterMode | 0 |
| ldapUserFilterObjectclass | amavisAccount;organizationalPerson;zimbraAccount |
| ldapUserName | samaccountname |
| ldapUuidGroupAttribute | auto |
| ldapUuidUserAttribute | auto |
| turnOffCertCheck | 0 |
| useMemberOfToDetectMembership | 1 |
±------------------------------±--------------------------------------------------------------------------------------------+
[root@owncloud10 owncloud]#

Client configuration

Google Chrome Versión 79.0.3945.130 | Firefox 72.0.1 (64-bit)
Operating system:
Linux Mint

Logs

no records found

Web server error log

10.202.10.38 - - [10/Feb/2020:09:20:59 -0300] “POST /index.php/login HTTP/1.1” 303 - “-” “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36”
10.202.10.38 - - [10/Feb/2020:09:20:59 -0300] “GET /index.php/login?user=marcelo.lemos HTTP/1.1” 200 8470 “-” “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36”
10.202.10.38 - - [10/Feb/2020:09:21:00 -0300] “GET /index.php/core/js/oc.js?v=3f2dd419b2c0abc5461f6f4458c01209 HTTP/1.1” 200 2268 “-” “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36”
10.202.10.38 - - [10/Feb/2020:09:21:00 -0300] “GET /core/vendor/browser-update/browser-update.js?_=1581337267354 HTTP/1.1” 200 23636 “-” “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36”
10.202.10.38 - - [10/Feb/2020:09:21:00 -0300] “GET /cron.php HTTP/1.1” 200 20 “-” “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36”

ownCloud log (data/owncloud.log)

{“reqId”:“XkFH@rZmah2278Cbl@VDQQAAAAg”,“level”:2,“time”:“2020-02-10T12:09:30+00:00”,“remoteAddr”:“10.202.10.38”,“user”:"–",“app”:“user_ldap”,“method”:“POST”,“url”:"/index.php/login?user=marcelo.lemos",“message”:“Configuration Error (prefix s02): No LDAP User Display Name given!”}
{“reqId”:“XkFH@rZmah2278Cbl@VDQQAAAAg”,“level”:2,“time”:“2020-02-10T12:09:30+00:00”,“remoteAddr”:“10.202.10.38”,“user”:"–",“app”:“user_ldap”,“method”:“POST”,“url”:"/index.php/login?user=marcelo.lemos",“message”:“Configuration Error (prefix s02): No LDAP User Display Name given!”}
{“reqId”:“XkFH@rZmah2278Cbl@VDQQAAAAg”,“level”:0,“time”:“2020-02-10T12:09:30+00:00”,“remoteAddr”:“10.202.10.38”,“user”:"–",“app”:“OC\User\Session::login”,“method”:“POST”,“url”:"/index.php/login?user=marcelo.lemos",“message”:“regenerating session id for uid marcelo.lemos, password set”}
{“reqId”:“XkFH@rZmah2278Cbl@VDQQAAAAg”,“level”:0,“time”:“2020-02-10T12:09:30+00:00”,“remoteAddr”:“10.202.10.38”,“user”:"–",“app”:“OC\Authentication\Token\DefaultTokenProvider::getToken”,“method”:“POST”,“url”:"/index.php/login?user=marcelo.lemos",“message”:“token ffb3d55fb58dbf224cf0b12bd60696e6fc1917d42ea8144a8b2ce7662708e1351687b7cd90ebce64e1440679b862b1c666e81d66c7e6941aa001864007d41e88 does not exist”}
{“reqId”:“XkFH@rZmah2278Cbl@VDQQAAAAg”,“level”:0,“time”:“2020-02-10T12:09:30+00:00”,“remoteAddr”:“10.202.10.38”,“user”:"–",“app”:“OC\User\Session::validateToken”,“method”:“POST”,“url”:"/index.php/login?user=marcelo.lemos",“message”:“token ffb3d55fb58dbf224cf0b12bd60696e6fc1917d42ea8144a8b2ce7662708e1351687b7cd90ebce64e1440679b862b1c666e81d66c7e6941aa001864007d41e88, not found”}

Browser log

no records found

Why nextcloud/data

wrong forum?

1 Like

Create a local admin on the command line using the occ command and correct your configuration errors in the LDAP settings.