Failed to login after update to v1.65

[thardev]

Describe the bug

Tried to login from Element with my account after upgrading to v1.65 and login failed saying username or password incorrect.

Context

• Hardware: Other ARM board
• YunoHost version: 11.0.9.12
• I have access to my server: Through SSH
• Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: no

Steps to reproduce

• If the error occurs in your browser, explain what you did:
  1. Go to Element web app
  2. Enter user and password
  3. Click login
  4. See incorrect username or password error

Expected behavior

Successful login.

Additional info

I can't provide logs but I did investigate a bit and I found out that it is related to the LDAP config part:

modules:
 - module: "ldap_auth_provider.LdapAuthProviderModule"
   config:
     enabled: true
     mode: "search"
     uri: "ldap://localhost"
     start_tls: false
     base: "ou=users,dc=yunohost,dc=org"
     attributes:
        uid: "uid"
        mail: "mail"
        name: "givenName"
     bind_dn: synapse
     bind_password: PASSWORD
     filter: "(objectClass=posixAccount)"](filter: "(&(objectClass=posixAccount)(permission=cn=synapse.main,ou=permission,dc=yunohost,dc=org))")

After I commented out the last three config parameters (bind_dn, bind_password and filter) it started working again.

[xabirequejo]

Hi,

I have the same issue (Raspberry Pi 4). May I know where this file is located?

[MayeulC]

@xabirequejo That's /etc/matrix-synapse/homeserver.yaml

[xabirequejo]

Thank you very much

[jbastruz]

thank you for your help !!

[JimboJoe]

This forum post seems linked (with more logs).

[oceanlover-yuno]

@JimboJoe this is totally my issue. It seems that the CAS implementation is preferred but that breaks being able to encrypt.

[rosbeef]

Well, with element as private app. what I've done In /var/www/element/config.json

"embedded_pages": {
        "login_for_welcome": true
 }

In /etc/matrix-synapse/homeserver.yaml Enable cas Disable password Let LDAP as is

In my browser remove cookies

[oceanlover-yuno]

@rosbeef you need to comment out the 3 lines mentioned above. Bind_dn, bind_password, and filter. Then try logging in.

[rosbeef]

@rosbeef you need to comment out the 3 lines mentioned above. Bind_dn, bind_password, and filter. Then try logging in.

Sorry i would tell that without editing LDAP part (comment 3lines) works for me.

[oceanlover-yuno]

OK, I see. It worked for me that way as well, with the CAS login.

However, if you ever want to use Element on a mobile client or desktop application and have the same encrypted chats on each device, it might not work for you.

[rosbeef]

Humm OK. I did not needed that config certainly because all my android sessions are yet commected. I certainly need to do your config the day I need to connect new android device . So I will do what you tell. Thanks.

[pyrignis]

I'm not sure, what's the most proper way to solve this issue out of the two posted here? Do we have an ETA for it to be solved though a regular update? I think it's kind of a big deal for new accounts not to be able to log in through the app.

[thardev]

@pyrignis it is solved in the latest update (v1.67) so I'll close for now. See #337

[shukon]

For anyone wondering why it's not solved for them with v1.67: check if you're domain is flagged as "deceptive site" by google, https://forum.yunohost.org/t/google-flags-my-sites-as-dangerous-deceptive-site-ahead/20361/

[shukon]

Acutally, that wasn't the issue - the fix just did not get applied during the update to v1.67. We had to manually change bind_dn: entry in the homeserver.yaml, after that, the login worked again :)

[oceanlover-yuno]

You beat me to reporting this. After updating to 1.67 I still got the invalid DN syntax error so I just commented it out. I will try with using the correct bind_dn entry.

Oct 20, 2022 03:14:53 shukon - notifications at github.com @.***>:

Acutally, that wasn't the issue - the fix just did not get applied during the update to v1.67. We had to manually change bind_dn: entry in the homeserver.yaml, after that, the login worked again :)

— Reply to this email directly, view it on GitHub[https://github.com/YunoHost-Apps/synapse_ynh/issues/328#issuecomment-1285283999], or unsubscribe[https://github.com/notifications/unsubscribe-auth/A2YMIOJAFIXTO5TXFOVNIULWEELRPANCNFSM6AAAAAAQCJH4QA]. You are receiving this because you commented.[Tracking image][https://github.com/notifications/beacon/A2YMIOIZD4CDN5YEUQLXX43WEELRPA5CNFSM6AAAAAAQCJH4QCWGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTSMTPQJ6.gif]

[xabirequejo]

I just wanted to say that I haven't been able to sing in on new devices for months. I've tried different workarounds and some worked at first but then they stopped working for me.

Well, after 1.98.0~ynh1 update, it seems and I am once again able to sign in without any trick or fix (at least after a quick test).

Thank you very much.