Cant login from ldap from in an updated owncloud

maniat1k · February 10, 2020, 12:28pm

Steps to reproduce

Update from 9.11 to 10.2 going through all the versions in between
Add ldap “LDAP Integration”
Try to log in

Expected behaviour

To log in

Actual behaviour

“Contraseña incorrecta.” (Incorrect password)

Server configuration

Operating system:
Centos 7
Web server:
httpd-2.4.6-90.el7.centos.x86_64
httpd-tools-2.4.6-90.el7.centos.x86_64
Database:
[root@mariadb10 ~]# rpm -qa | grep -i maria
MariaDB-common-10.4.11-1.el7.centos.x86_64
MariaDB-compat-10.4.11-1.el7.centos.x86_64
MariaDB-server-10.4.11-1.el7.centos.x86_64
MariaDB-client-10.4.11-1.el7.centos.x86_64
PHP version:
[root@owncloud10 ~]# rpm -qa | grep -i php
php-json-7.0.33-17.el7.remi.x86_64
php-fedora-autoloader-1.0.0-1.el7.noarch
php-pear-1.10.10-4.el7.remi.noarch
php-pspell-7.0.33-17.el7.remi.x86_64
php70-runtime-2.0-1.el7.remi.x86_64
php-ldap-7.0.33-17.el7.remi.x86_64
php-common-7.0.33-17.el7.remi.x86_64
php-process-7.0.33-17.el7.remi.x86_64
php-xml-7.0.33-17.el7.remi.x86_64
php-mysqlnd-7.0.33-17.el7.remi.x86_64
php-7.0.33-17.el7.remi.x86_64
php-mcrypt-7.0.33-17.el7.remi.x86_64
php-pecl-zip-1.17.1-1.el7.remi.7.0.x86_64
php-mbstring-7.0.33-17.el7.remi.x86_64
php70-php-common-7.0.33-17.el7.remi.x86_64
php70-php-ldap-7.0.33-17.el7.remi.x86_64
php-cli-7.0.33-17.el7.remi.x86_64
php-pdo-7.0.33-17.el7.remi.x86_64
php-gd-7.0.33-17.el7.remi.x86_64
php-intl-7.0.33-17.el7.remi.x86_64
php70-php-json-7.0.33-17.el7.remi.x86_64
ownCloud version: (see ownCloud admin page)
ownCloud 10.2.0 (stable)
Updated from an older ownCloud or fresh install:
Updated from owncloud-9.1.8 > owncloud-10.0.10 > owncloud-10.1.1 > owncloud-10.2.0
Where did you install ownCloud from:

https://download.owncloud.org/community/

Signing status (ownCloud 9.0 and above):
“Integrity checker has been disabled. Integrity cannot be verified.”

The content of config/config.php:
[root@owncloud10 owncloud]# sudo -u apache php occ config:list
{
“system”: {
“updatechecker”: false,
“instanceid”: “ocywhst7k5zd”,
“passwordsalt”: “REMOVED SENSITIVE VALUE”,
“secret”: “REMOVED SENSITIVE VALUE”,
“trusted_domains”: [
“owncloud10.t1lib.testing”
],
“datadirectory”: “/var/www/html/nextcloud/data”,
“overwrite.cli.url”: “http://owncloud10.t1lib.testing”,
“dbtype”: “mysql”,
“version”: “10.2.0.5”,
“dbname”: “owncloud”,
“dbhost”: “10.222.4.20:3306”,
“dbtableprefix”: “oc_”,
“dbuser”: “REMOVED SENSITIVE VALUE”,
“dbpassword”: “REMOVED SENSITIVE VALUE”,
“logtimezone”: “UTC”,
“installed”: true,
“mail_smtpmode”: “sendmail”,
“mail_from_address”: “REMOVED SENSITIVE VALUE”,
“mail_domain”: “REMOVED SENSITIVE VALUE”,
“ldapIgnoreNamingRules”: false,
“maintenance”: false,
“preview_libreoffice_path”: “/opt/libreoffice6.0/program/soffice”,
“appstoreenabled”: true,
“appstoreurl”: “https://marketplace.owncloud.com”,
“appstore.experimental.enabled”: true,
“theme”: “”,
“loglevel”: 0,
“singleuser”: false,
“integrity.check.disabled”: true
},
“apps”: {
“activity”: {
“enabled”: “yes”,
“installed_version”: “2.5.2”,
“signed”: “true”,
“types”: “filesystem”
},
“announcementcenter”: {
“enabled”: “no”,
“installed_version”: “1.1.2”,
“ocsid”: “173921”,
“signed”: “true”,
“types”: “”
},
“backgroundjob”: {
“lastjob”: “11”
},
“calendar”: {
“enabled”: “no”,
“installed_version”: “1.1”,
“ocsid”: “168707”,
“types”: “”
},
“cloud_federation_api”: {
“enabled”: “no”,
“installed_version”: “1.0.0”,
“types”: “filesystem”
},
“comments”: {
“enabled”: “no”,
“installed_version”: “0.3.0”,
“types”: “logging”
},
“configreport”: {
“enabled”: “no”,
“installed_version”: “0.1.1”,
“types”: “filesystem”
},
“core”: {
“backgroundjobs_mode”: “ajax”,
“installedat”: “1579196121.7338”,
“lastcron”: “1581335856”,
“lastupdatedat”: “0”,
“oc.integritycheck.checker”: “[]”,
“outgoing_server2server_share_enabled”: “no”,
“public_documents”: “documents/public.php”,
“public_files”: “files_sharing/public.php”,
“public_webdav”: “dav/appinfo/v1/publicwebdav.php”,
“remote_caldav”: “dav/appinfo/v1/caldav.php”,
“remote_calendar”: “dav/appinfo/v1/caldav.php”,
“remote_carddav”: “dav/appinfo/v1/carddav.php”,
“remote_contacts”: “dav/appinfo/v1/carddav.php”,
“remote_dav”: “dav/appinfo/v2/remote.php”,
“remote_files”: “dav/appinfo/v1/webdav.php”,
“remote_webdav”: “dav/appinfo/v1/webdav.php”,
“shareapi_allow_links”: “yes”,
“shareapi_allow_public_upload”: “no”,
“shareapi_enabled”: “yes”,
“umgmt_send_email”: “false”,
“umgmt_set_password”: “true”,
“umgmt_show_backend”: “true”,
“umgmt_show_email”: “true”,
“umgmt_show_is_enabled”: “true”,
“umgmt_show_last_login”: “true”,
“umgmt_show_storage_location”: “true”,
“vendor”: “owncloud”
},
“dav”: {
“enabled”: “yes”,
“installed_version”: “0.4.0”,
“types”: “filesystem”
},
“documents”: {
“converter”: “local”,
“converter_url”: “http://localhost:16080”,
“enabled”: “no”,
“installed_version”: “0.12.1”,
“ocsid”: “168711”,
“types”: “”
},
“federatedfilesharing”: {
“enabled”: “yes”,
“installed_version”: “0.4.0”,
“types”: “filesystem”
},
“federation”: {
“enabled”: “no”,
“installed_version”: “0.1.0”,
“types”: “authentication”
},
“files”: {
“cronjob_scan_files”: “500”,
“default_quota”: “100 GB”,
“enabled”: “yes”,
“installed_version”: “1.5.2”,
“types”: “filesystem”
},
“files_external”: {
“enabled”: “yes”,
“installed_version”: “0.7.1”,
“types”: “filesystem”
},
“files_pdfviewer”: {
“enabled”: “no”,
“installed_version”: “0.8.1”,
“ocsid”: “166049”,
“types”: “”
},
“files_rightclick”: {
“enabled”: “no”,
“installed_version”: “0.14.2”,
“types”: “”
},
“files_sharing”: {
“enabled”: “no”,
“installed_version”: “0.10.0”,
“outgoing_server2server_share_enabled”: “no”,
“types”: “filesystem”
},
“files_texteditor”: {
“enabled”: “yes”,
“installed_version”: “2.3.0”,
“ocsid”: “166051”,
“signed”: “true”,
“types”: “”
},
“files_trashbin”: {
“enabled”: “no”,
“installed_version”: “0.9.0”,
“types”: “filesystem”
},
“files_versions”: {
“enabled”: “no”,
“installed_version”: “1.3.0”,
“types”: “filesystem”
},
“files_videoplayer”: {
“enabled”: “no”,
“installed_version”: “0.9.8”,
“types”: “”
},
“firstrunwizard”: {
“enabled”: “no”,
“installed_version”: “1.1”,
“ocsid”: “166055”,
“types”: “”
},
“gallery”: {
“enabled”: “no”,
“installed_version”: “14.5.0”,
“types”: “”
},
“lookup_server_connector”: {
“enabled”: “no”,
“installed_version”: “1.5.0”,
“types”: “authentication”
},
“market”: {
“enabled”: “yes”,
“installed_version”: “0.5.0”,
“key”: null,
“signed”: “true”,
“types”: “”
},
“notifications”: {
“enabled”: “no”,
“installed_version”: “0.3.0”,
“types”: “logging”
},
“oauth2”: {
“enabled”: “no”,
“installed_version”: “1.5.0”,
“signed”: “true”,
“types”: “authentication”
},
“ojsxc”: {
“boshUrl”: “”,
“chromeExtension”: “”,
“enabled”: “no”,
“externalServices”: “”,
“firefoxExtension”: “”,
“iceCredential”: “”,
“iceSecret”: “”,
“iceTtl”: “”,
“iceUrl”: “”,
“iceUsername”: “”,
“installed_version”: “3.1.1”,
“ocsid”: “162257”,
“serverType”: “internal”,
“types”: “prelogin”,
“xmppDomain”: “”,
“xmppOverwrite”: “false”,
“xmppPreferMail”: “false”,
“xmppResource”: “”,
“xmppStartMinimized”: “false”
},
“onlyoffice”: {
“enabled”: “no”,
“installed_version”: “2.0.1”,
“ocsid”: “174798”,
“types”: “filesystem”
},
“pdflintview”: {
“enabled”: “no”,
“installed_version”: “1.0”,
“ocsid”: “169202”,
“types”: “type”
},
“provisioning_api”: {
“enabled”: “no”,
“installed_version”: “0.5.0”,
“types”: “prevent_group_restriction”
},
“recommendations”: {
“enabled”: “no”,
“installed_version”: “0.5.0”,
“types”: “”
},
“richdocuments”: {
“enabled”: “no”,
“installed_version”: “1.1.28”,
“ocsid”: “174727”,
“types”: “prevent_group_restriction”,
“wopi_url”: “http://nube.asse/owncloud”
},
“serverinfo”: {
“enabled”: “no”,
“installed_version”: “1.7.0”,
“types”: “”
},
“systemtags”: {
“enabled”: “no”,
“installed_version”: “0.3.0”,
“types”: “logging”
},
“templateeditor”: {
“enabled”: “no”,
“installed_version”: “0.1”,
“types”: “”
},
“updatenotification”: {
“enabled”: “no”,
“installed_version”: “0.2.1”,
“types”: “”
},
“user_ldap”: {
“enabled”: “yes”,
“installed_version”: “0.15.0”,
“s02has_memberof_filter_support”: “”,
“s02home_folder_naming_rule”: “”,
“s02last_jpegPhoto_lookup”: “0”,
“s02ldap_agent_password”: “”,
“s02ldap_attributes_for_group_search”: “”,
“s02ldap_attributes_for_user_search”: “uid”,
“s02ldap_backup_host”: “”,
“s02ldap_backup_port”: “”,
“s02ldap_base”: “ou=people,dc=asse,dc=com,dc=uy”,
“s02ldap_base_groups”: “ou=people,dc=asse,dc=com,dc=uy”,
“s02ldap_base_users”: “ou=people,dc=asse,dc=com,dc=uy”,
“s02ldap_cache_ttl”: “600”,
“s02ldap_configuration_active”: “1”,
“s02ldap_display_name”: “”,
“s02ldap_dn”: “”,
“s02ldap_dynamic_group_member_url”: “”,
“s02ldap_email_attr”: “mail”,
“s02ldap_experienced_admin”: “1”,
“s02ldap_expert_username_attr”: “”,
“s02ldap_expert_uuid_group_attr”: “”,
“s02ldap_expert_uuid_user_attr”: “”,
“s02ldap_group_display_name”: “cn”,
“s02ldap_group_filter”: “”,
“s02ldap_group_filter_mode”: “0”,
“s02ldap_group_member_assoc_attribute”: “memberUid”,
“s02ldap_groupfilter_groups”: “”,
“s02ldap_groupfilter_objectclass”: “”,
“s02ldap_host”: “ldap.asse”,
“s02ldap_login_filter”: “uid=%uid”,
“s02ldap_login_filter_mode”: “0”,
“s02ldap_loginfilter_attributes”: “”,
“s02ldap_loginfilter_email”: “0”,
“s02ldap_loginfilter_username”: “1”,
“s02ldap_nested_groups”: “0”,
“s02ldap_network_timeout”: “2”,
“s02ldap_override_main_server”: “”,
“s02ldap_paging_size”: “500”,
“s02ldap_port”: “389”,
“s02ldap_quota_attr”: “”,
“s02ldap_quota_def”: “”,
“s02ldap_tls”: “0”,
“s02ldap_turn_off_cert_check”: “0”,
“s02ldap_user_display_name_2”: “”,
“s02ldap_user_filter_mode”: “0”,
“s02ldap_user_name”: “samaccountname”,
“s02ldap_userfilter_groups”: “”,
“s02ldap_userfilter_objectclass”: “amavisAccount\norganizationalPerson\nzimbraAccount”,
“s02ldap_userlist_filter”: “(|(objectclass=amavisAccount)(objectclass=organizationalPerson)(objectclass=zimbraAccount))”,
“s02use_memberof_to_detect_membership”: “1”,
“signed”: “true”,
“types”: “authentication”
},
“workflowengine”: {
“enabled”: “no”,
“installed_version”: “1.7.0”,
“types”: “filesystem”
}
}
}

List of activated apps:
[root@owncloud10 owncloud]# sudo -u apache php occ app:list
Enabled:

activity: 2.5.2
dav: 0.4.0
federatedfilesharing: 0.4.0
files: 1.5.2
files_external: 0.7.1
files_texteditor: 2.3.0
market: 0.5.0
user_ldap: 0.15.0
Disabled:
comments
configreport
encryption
external
federation
files_sharing
files_trashbin
files_versions
files_videoplayer
firstrunwizard
notifications
oauth2
provisioning_api
systemtags
updatenotification
user_external
[root@owncloud10 owncloud]#

Are you using external storage, if yes which one: local/smb/sftp/…
No
Are you using encryption: yes/no
No

Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/…

LDAP configuration (delete this part if not used)

Client configuration

Google Chrome Versión 79.0.3945.130 | Firefox 72.0.1 (64-bit)
Operating system:
Linux Mint

Logs

no records found

Web server error log

10.202.10.38 - - [10/Feb/2020:09:20:59 -0300] “POST /index.php/login HTTP/1.1” 303 - “-” “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36”
10.202.10.38 - - [10/Feb/2020:09:20:59 -0300] “GET /index.php/login?user=marcelo.lemos HTTP/1.1” 200 8470 “-” “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36”
10.202.10.38 - - [10/Feb/2020:09:21:00 -0300] “GET /index.php/core/js/oc.js?v=3f2dd419b2c0abc5461f6f4458c01209 HTTP/1.1” 200 2268 “-” “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36”
10.202.10.38 - - [10/Feb/2020:09:21:00 -0300] “GET /core/vendor/browser-update/browser-update.js?_=1581337267354 HTTP/1.1” 200 23636 “-” “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36”
10.202.10.38 - - [10/Feb/2020:09:21:00 -0300] “GET /cron.php HTTP/1.1” 200 20 “-” “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36”

ownCloud log (data/owncloud.log)

{“reqId”:“XkFH@rZmah2278Cbl@VDQQAAAAg”,“level”:2,“time”:“2020-02-10T12:09:30+00:00”,“remoteAddr”:“10.202.10.38”,“user”:"–",“app”:“user_ldap”,“method”:“POST”,“url”:"/index.php/login?user=marcelo.lemos",“message”:“Configuration Error (prefix s02): No LDAP User Display Name given!”}
{“reqId”:“XkFH@rZmah2278Cbl@VDQQAAAAg”,“level”:2,“time”:“2020-02-10T12:09:30+00:00”,“remoteAddr”:“10.202.10.38”,“user”:"–",“app”:“user_ldap”,“method”:“POST”,“url”:"/index.php/login?user=marcelo.lemos",“message”:“Configuration Error (prefix s02): No LDAP User Display Name given!”}
{“reqId”:“XkFH@rZmah2278Cbl@VDQQAAAAg”,“level”:0,“time”:“2020-02-10T12:09:30+00:00”,“remoteAddr”:“10.202.10.38”,“user”:"–",“app”:“OC\User\Session::login”,“method”:“POST”,“url”:"/index.php/login?user=marcelo.lemos",“message”:“regenerating session id for uid marcelo.lemos, password set”}
{“reqId”:“XkFH@rZmah2278Cbl@VDQQAAAAg”,“level”:0,“time”:“2020-02-10T12:09:30+00:00”,“remoteAddr”:“10.202.10.38”,“user”:"–",“app”:“OC\Authentication\Token\DefaultTokenProvider::getToken”,“method”:“POST”,“url”:"/index.php/login?user=marcelo.lemos",“message”:“token ffb3d55fb58dbf224cf0b12bd60696e6fc1917d42ea8144a8b2ce7662708e1351687b7cd90ebce64e1440679b862b1c666e81d66c7e6941aa001864007d41e88 does not exist”}
{“reqId”:“XkFH@rZmah2278Cbl@VDQQAAAAg”,“level”:0,“time”:“2020-02-10T12:09:30+00:00”,“remoteAddr”:“10.202.10.38”,“user”:"–",“app”:“OC\User\Session::validateToken”,“method”:“POST”,“url”:"/index.php/login?user=marcelo.lemos",“message”:“token ffb3d55fb58dbf224cf0b12bd60696e6fc1917d42ea8144a8b2ce7662708e1351687b7cd90ebce64e1440679b862b1c666e81d66c7e6941aa001864007d41e88, not found”}

Browser log

no records found

dmitry · February 10, 2020, 3:47pm

Why nextcloud/data

wrong forum?

eneubauer · February 11, 2020, 9:27am

Create a local admin on the command line using the occ command and correct your configuration errors in the LDAP settings.

maniat1k · March 6, 2020, 7:35pm

nah just a couple other tests: /nextcloud/data is a mounted filesystem.

Fixed the error by myself objectclass and a couple of details where found. because I changed from one ldap to another by people forgot to tell me there where a couple of changes on it.

Thanks anyway!