Open tsurai opened 5 years ago
Probably a duplicate of: https://github.com/RocketChat/Rocket.Chat/issues/10247
This may be related as well: https://github.com/RocketChat/Rocket.Chat/issues/12565
I think this was meant to be closed here: https://github.com/RocketChat/Rocket.Chat/issues/2642
With this PR: https://github.com/RocketChat/Rocket.Chat/pull/8372
There seem to be several other Issues all related - I haven't got the time to go through and tie them all up. Perhaps the OP would like to pull them all together?
Start with something like this:
Can we get an update on this? I have users with dual mail addresses in the LDAP.
I added "mail":"emails" to the sync settings and get the following error when trying to add a new user by auth on LDAP: (Rocketchat 3.5.1)
I20200903-11:36:31.204(2) server.js:200 LDAPSync ➔ error errorClass [Error]: LDAP Authentication succeeded, there is no email to create an account. Have you tried setting your Default Domain in LDAP Settings? [LDAP-login-error] at addLdapUser (app/ldap/server/sync.js:453:3) at MethodInvocation.<anonymous> (app/ldap/server/loginHandler.js:147:17) at packages/accounts-base/accounts_server.js:462:31 at tryLoginMethod (packages/accounts-base/accounts_server.js:1291:14) at AccountsServer._runLoginHandlers (packages/accounts-base/accounts_server.js:460:22) at AccountsServer.Accounts._runLoginHandlers (app/lib/server/lib/loginErrorMessageOverride.js:7:35) at MethodInvocation.methods.login (packages/accounts-base/accounts_server.js:520:31) at maybeAuditArgumentChecks (packages/ddp-server/livedata_server.js:1771:12) at packages/ddp-server/livedata_server.js:719:19 at Meteor.EnvironmentVariable.EVp.withValue (packages/meteor.js:1234:12) at packages/ddp-server/livedata_server.js:717:46 at Meteor.EnvironmentVariable.EVp.withValue (packages/meteor.js:1234:12) at packages/ddp-server/livedata_server.js:715:46 at new Promise (<anonymous>) at Session.method (packages/ddp-server/livedata_server.js:689:23) at packages/ddp-server/livedata_server.js:559:43 { isClientSafe: true, error: 'LDAP-login-error', reason: 'LDAP Authentication succeeded, there is no email to create an account. Have you tried setting your Default Domain in LDAP Settings?', details: undefined, message: 'LDAP Authentication succeeded, there is no email to create an account. Have you tried setting your Default Domain in LDAP Settings? [LDAP-login-error]', errorType: 'Meteor.Error' }
without "mail":"emails" rocketchat would garble up the email address completely and only store some octal(?) represention of garbage in the email field, which leads to the inability of users to write in chats.
my workaround is currently to omit the "mail":"email" and "mail":"emails" sync attributes and let rocketchat create the mail address from the username + default domain instead.
Description:
LDAP entries of user with multiple email addresses fail to parse rendering them unable to login.
Steps to reproduce:
Try to login or sync data of a user with multiple email LDAP entries.
Expected behavior:
The first email that has been found should be used as the users email address.
Actual behavior:
Login and data sync fails for users with multiple email addresses.
Server Setup Information:
Additional context
This is similar to a previous issue #2642 that has supposedly been fixed. I'm using FreeIPA as the LDAP provider.
Relevant logs: