nextcloud / server

☁️ Nextcloud server, a safe home for all your data
https://nextcloud.com
GNU Affero General Public License v3.0

[Bug]: Active directory accounts get blocked when you fail the login one time #45618

Open manolopm opened 1 month ago

manolopm commented 1 month ago


Bug description

I've configured the login against an AD. Everything is functional, but when I fail the login, it launches 8 binds for the account and blocks it in the AD (and the IP address is throttled in Nextcloud). I've captured the traffic with Wireshark and checked that in version 20.0.11 of Nextcloud the problem does not happen. I've tried to follow the code, and even the checkPassword function from User_Proxy.php in the user_ldap app is called 8 times, so I think the problem comes from outside the user_ldap app.

Steps to reproduce

  1. Configure an AD into user_ldap app in nextcloud
  2. Configure a second AD into user_ldap app in nextcloud
  3. Configure a third AD into user_ldap app in nextcloud
  4. Try to fail the login
  5. The AD account gets blocked by a lot of failed logins

Expected behavior

  1. Configure an AD into user_ldap app in nextcloud
  2. Configure a second AD into user_ldap app in nextcloud
  3. Configure a third AD into user_ldap app in nextcloud
  4. Try to fail the login
  5. It fails one time and does not try to log in again automatically 8 times.

Installation method

Community Manual installation with Archive

Nextcloud Server version

28

Operating system

Debian/Ubuntu

PHP engine version

PHP 8.2

Web server

Nginx

Database engine version

MySQL

Is this bug present after an update or on a fresh install?

Fresh Nextcloud Server install

Are you using the Nextcloud Server Encryption module?

None

What user-backends are you using?

Configuration report

{
    "system": {
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "localhost",
            "nextcloud.mydomain.local"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "28.0.3.2",
        "overwrite.cli.url": "http:\/\/localhost",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "logfile": "\/var\/www\/nextcloud\/data\/nextcloud.log",
        "ldapProviderFactory": "OCA\\User_LDAP\\LDAPProviderFactory",
        "default_phone_region": "IT",
        "memcache.local": "\\OC\\Memcache\\APCu",
        "memcache.distributed": "\\OC\\Memcache\\Redis",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 6379
        },
        "default_language": "en",
        "maintenance_window_start": 1,
        "maintenance": false,
        "theme": "",
        "loglevel": 0,
        "quota_include_external_storage": true,
        "profile.enabled": false
    }
}

List of activated Apps

Enabled:
  - activity: 2.20.0
  - cloud_federation_api: 1.11.0
  - dav: 1.29.1
  - federatedfilesharing: 1.18.0
  - files: 2.0.0
  - files_external: 1.20.0
  - files_pdfviewer: 2.9.0
  - files_trashbin: 1.18.0
  - files_versions: 1.21.0
  - logreader: 2.13.0
  - lookup_server_connector: 1.16.0
  - notifications: 2.16.0
  - oauth2: 1.16.3
  - password_policy: 1.18.0
  - photos: 2.4.0
  - privacy: 1.12.0
  - provisioning_api: 1.18.0
  - recommendations: 2.0.0
  - related_resources: 1.3.0
  - serverinfo: 1.18.0
  - settings: 1.10.1
  - support: 1.11.0
  - text: 3.9.1
  - theming: 2.3.0
  - twofactor_backupcodes: 1.17.0
  - user_ldap: 1.19.0
  - viewer: 2.2.0
  - workflowengine: 2.10.0
Disabled:
  - admin_audit: 1.18.0
  - bruteforcesettings: 2.8.0
  - circles: 28.0.0-dev (installed 28.0.0-dev)
  - comments: 1.18.0 (installed 1.18.0)
  - contactsinteraction: 1.9.0 (installed 1.9.0)
  - dashboard: 7.8.0 (installed 7.8.0)
  - encryption: 2.16.0
  - federation: 1.18.0 (installed 1.18.0)
  - files_reminders: 1.1.0 (installed 1.1.0)
  - files_sharing: 1.20.0 (installed 1.20.0)
  - firstrunwizard: 2.17.0 (installed 2.17.0)
  - nextcloud_announcements: 1.17.0 (installed 1.17.0)
  - sharebymail: 1.18.0 (installed 1.18.0)
  - survey_client: 1.16.0 (installed 1.16.0)
  - suspicious_login: 6.0.0
  - systemtags: 1.18.0 (installed 1.18.0)
  - twofactor_totp: 10.0.0-beta.2
  - updatenotification: 1.18.0 (installed 1.18.0)
  - user_status: 1.8.1 (installed 1.8.1)
  - weather_status: 1.8.0 (installed 1.8.0)

Nextcloud Signing status

No errors have been found.

Nextcloud Logs

In order to make it clear only copy the message that shows the problem:

  "message": "Calling LDAP function ldap_connect with parameters [\"ldaps:\\/\\/dc01.mydomain.local:636\"]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},17,3]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},8,0]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},20485,\"15\"]",
  "message": "Calling LDAP function ldap_bind with parameters [{},\"cn=service,ou=mydomain_users_service,DC=mydomain,DC=local\",\"***REMOVED SENSITIVE VALUE***\"]",
  "message": "initializing paged search for filter (sAMAccountName=user01), base DC=mydomain,DC=local, attr [\"entryuuid\",\"nsuniqueid\",\"objectguid\",\"guid\",\"ipauniqueid\",\"dn\",\"uid\",\"samaccountname\",\"memberof\",\"mail\",\"displayname\",\"jpegphoto\",\"thumbnailphoto\"], pageSize 500, offset 0",
  "message": "Ready for a paged search",
  "message": "Calling LDAP function ldap_search with parameters [{},\"DC=mydomain,DC=local\",\"(sAMAccountName=user01)\",[\"entryuuid\",\"nsuniqueid\",\"objectguid\",\"guid\",\"ipauniqueid\",\"dn\",\"uid\",\"samaccountname\",\"memberof\",\"mail\",\"displayname\",\"jpegphoto\",\"thumbnailphoto\"],0,0,-1,0,[{\"oid\":\"1.2.840.113556.1.4.319\",\"value\":{\"size\":500,\"cookie\":\"\"},\"iscritical\":false}]]",
  "message": "Calling LDAP function ldap_errno with parameters [{}]",
  "message": "Calling LDAP function ldap_get_entries with parameters [{},{}]",
  "message": "Calling LDAP function ldap_parse_result with parameters [{},{}]",
  "message": "initializing paged search for filter (sAMAccountName=user01), base DC=mydomain,DC=local, attr [\"entryuuid\",\"nsuniqueid\",\"objectguid\",\"guid\",\"ipauniqueid\",\"dn\",\"uid\",\"samaccountname\",\"memberof\",\"mail\",\"displayname\",\"jpegphoto\",\"thumbnailphoto\"], pageSize 500, offset 0",
  "message": "Ready for a paged search",
  "message": "Calling LDAP function ldap_search with parameters [{},\"DC=mydomain,DC=local\",\"(sAMAccountName=user01)\",[\"entryuuid\",\"nsuniqueid\",\"objectguid\",\"guid\",\"ipauniqueid\",\"dn\",\"uid\",\"samaccountname\",\"memberof\",\"mail\",\"displayname\",\"jpegphoto\",\"thumbnailphoto\"],0,0,-1,0,[{\"oid\":\"1.2.840.113556.1.4.319\",\"value\":{\"size\":500,\"cookie\":\"\"},\"iscritical\":false}]]",
  "message": "Calling LDAP function ldap_errno with parameters [{}]",
  "message": "Calling LDAP function ldap_get_entries with parameters [{},{}]",
  "message": "Calling LDAP function ldap_parse_result with parameters [{},{}]",
  "message": "Calling LDAP function ldap_connect with parameters [\"ldaps:\\/\\/dc01.mydomain.local:636\"]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},17,3]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},8,0]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},20485,\"15\"]",
  "message": "Calling LDAP function ldap_bind with parameters [{},\"cn=user01,ou=mydomain_users,dc=mydomain,dc=local\",\"***REMOVED SENSITIVE VALUE***\"]",
  "message": "LDAP error Invalid credentials (49) after calling ldap_bind",
  "message": "Calling LDAP function ldap_errno with parameters [{}]",
  "message": "Calling LDAP function ldap_error with parameters [{}]",
  "message": "Bind failed: 49: Invalid credentials",
  "message": "initializing paged search for filter (sAMAccountName=user01), base DC=mydomain,DC=local, attr [\"entryuuid\",\"nsuniqueid\",\"objectguid\",\"guid\",\"ipauniqueid\",\"dn\",\"uid\",\"samaccountname\",\"memberof\",\"mail\",\"displayname\",\"jpegphoto\",\"thumbnailphoto\"], pageSize 500, offset 0",
  "message": "Ready for a paged search",
  "message": "Calling LDAP function ldap_search with parameters [{},\"DC=mydomain,DC=local\",\"(sAMAccountName=user01)\",[\"entryuuid\",\"nsuniqueid\",\"objectguid\",\"guid\",\"ipauniqueid\",\"dn\",\"uid\",\"samaccountname\",\"memberof\",\"mail\",\"displayname\",\"jpegphoto\",\"thumbnailphoto\"],0,0,-1,0,[{\"oid\":\"1.2.840.113556.1.4.319\",\"value\":{\"size\":500,\"cookie\":\"\"},\"iscritical\":false}]]",
  "message": "Calling LDAP function ldap_errno with parameters [{}]",
  "message": "Calling LDAP function ldap_get_entries with parameters [{},{}]",
  "message": "Calling LDAP function ldap_parse_result with parameters [{},{}]",
  "message": "Calling LDAP function ldap_connect with parameters [\"ldaps:\\/\\/dc01.mydomain.local:636\"]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},17,3]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},8,0]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},20485,\"15\"]",
  "message": "Calling LDAP function ldap_bind with parameters [{},\"cn=user01,ou=mydomain_users,dc=mydomain,dc=local\",\"***REMOVED SENSITIVE VALUE***\"]",
  "message": "LDAP error Invalid credentials (49) after calling ldap_bind",
  "message": "Calling LDAP function ldap_errno with parameters [{}]",
  "message": "Calling LDAP function ldap_error with parameters [{}]",
  "message": "Bind failed: 49: Invalid credentials",
  "message": "Calling LDAP function ldap_connect with parameters [\"ldaps:\\/\\/dc02.mydomain.local:636\"]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},17,3]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},8,0]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},20485,\"15\"]",
  "message": "Calling LDAP function ldap_bind with parameters [{},\"cn=service,ou=mydomain_users_service,DC=mydomain,DC=local\",\"***REMOVED SENSITIVE VALUE***\"]",
  "message": "initializing paged search for filter (sAMAccountName=user01), base DC=mydomain,DC=local, attr [\"entryuuid\",\"nsuniqueid\",\"objectguid\",\"guid\",\"ipauniqueid\",\"dn\",\"uid\",\"samaccountname\",\"memberof\",\"mail\",\"displayname\",\"jpegphoto\",\"thumbnailphoto\"], pageSize 500, offset 0",
  "message": "Ready for a paged search",
  "message": "Calling LDAP function ldap_search with parameters [{},\"DC=mydomain,DC=local\",\"(sAMAccountName=user01)\",[\"entryuuid\",\"nsuniqueid\",\"objectguid\",\"guid\",\"ipauniqueid\",\"dn\",\"uid\",\"samaccountname\",\"memberof\",\"mail\",\"displayname\",\"jpegphoto\",\"thumbnailphoto\"],0,0,-1,0,[{\"oid\":\"1.2.840.113556.1.4.319\",\"value\":{\"size\":500,\"cookie\":\"\"},\"iscritical\":false}]]",
  "message": "Calling LDAP function ldap_errno with parameters [{}]",
  "message": "Calling LDAP function ldap_get_entries with parameters [{},{}]",
  "message": "Calling LDAP function ldap_parse_result with parameters [{},{}]",
  "message": "Calling LDAP function ldap_connect with parameters [\"ldaps:\\/\\/dc02.mydomain.local:636\"]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},17,3]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},8,0]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},20485,\"15\"]",
  "message": "Calling LDAP function ldap_bind with parameters [{},\"cn=user01,ou=mydomain_users,dc=mydomain,dc=local\",\"***REMOVED SENSITIVE VALUE***\"]",
  "message": "LDAP error Invalid credentials (49) after calling ldap_bind",
  "message": "Calling LDAP function ldap_errno with parameters [{}]",
  "message": "Calling LDAP function ldap_error with parameters [{}]",
  "message": "Bind failed: 49: Invalid credentials",
  "message": "Calling LDAP function ldap_connect with parameters [\"ldaps:\\/\\/dc03.mydomain.local:636\"]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},17,3]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},8,0]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},20485,\"15\"]",
  "message": "Calling LDAP function ldap_bind with parameters [{},\"cn=service,ou=mydomain_users_service,DC=mydomain,DC=local\",\"***REMOVED SENSITIVE VALUE***\"]",
  "message": "initializing paged search for filter (sAMAccountName=user01), base DC=mydomain,DC=local, attr [\"entryuuid\",\"nsuniqueid\",\"objectguid\",\"guid\",\"ipauniqueid\",\"dn\",\"uid\",\"samaccountname\",\"memberof\",\"mail\",\"displayname\",\"jpegphoto\",\"thumbnailphoto\"], pageSize 500, offset 0",
  "message": "Ready for a paged search",
  "message": "Calling LDAP function ldap_search with parameters [{},\"DC=mydomain,DC=local\",\"(sAMAccountName=user01)\",[\"entryuuid\",\"nsuniqueid\",\"objectguid\",\"guid\",\"ipauniqueid\",\"dn\",\"uid\",\"samaccountname\",\"memberof\",\"mail\",\"displayname\",\"jpegphoto\",\"thumbnailphoto\"],0,0,-1,0,[{\"oid\":\"1.2.840.113556.1.4.319\",\"value\":{\"size\":500,\"cookie\":\"\"},\"iscritical\":false}]]",
  "message": "Calling LDAP function ldap_errno with parameters [{}]",
  "message": "Calling LDAP function ldap_get_entries with parameters [{},{}]",
  "message": "Calling LDAP function ldap_parse_result with parameters [{},{}]",
  "message": "Calling LDAP function ldap_connect with parameters [\"ldaps:\\/\\/dc03.mydomain.local:636\"]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},17,3]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},8,0]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},20485,\"15\"]",
  "message": "Calling LDAP function ldap_bind with parameters [{},\"cn=user01,ou=mydomain_users,dc=mydomain,dc=local\",\"***REMOVED SENSITIVE VALUE***\"]",
  "message": "LDAP error Invalid credentials (49) after calling ldap_bind",
  "message": "Calling LDAP function ldap_errno with parameters [{}]",
  "message": "Calling LDAP function ldap_error with parameters [{}]",
  "message": "Bind failed: 49: Invalid credentials",
  "message": "initializing paged search for filter (sAMAccountName=user01), base DC=mydomain,DC=local, attr [\"entryuuid\",\"nsuniqueid\",\"objectguid\",\"guid\",\"ipauniqueid\",\"dn\",\"uid\",\"samaccountname\",\"memberof\",\"mail\",\"displayname\",\"jpegphoto\",\"thumbnailphoto\"], pageSize 500, offset 0",
  "message": "Ready for a paged search",
  "message": "Calling LDAP function ldap_search with parameters [{},\"DC=mydomain,DC=local\",\"(sAMAccountName=user01)\",[\"entryuuid\",\"nsuniqueid\",\"objectguid\",\"guid\",\"ipauniqueid\",\"dn\",\"uid\",\"samaccountname\",\"memberof\",\"mail\",\"displayname\",\"jpegphoto\",\"thumbnailphoto\"],0,0,-1,0,[{\"oid\":\"1.2.840.113556.1.4.319\",\"value\":{\"size\":500,\"cookie\":\"\"},\"iscritical\":false}]]",
  "message": "Calling LDAP function ldap_errno with parameters [{}]",
  "message": "Calling LDAP function ldap_get_entries with parameters [{},{}]",
  "message": "Calling LDAP function ldap_parse_result with parameters [{},{}]",
  "message": "Calling LDAP function ldap_connect with parameters [\"ldaps:\\/\\/dc01.mydomain.local:636\"]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},17,3]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},8,0]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},20485,\"15\"]",
  "message": "Calling LDAP function ldap_bind with parameters [{},\"cn=user01,ou=mydomain_users,dc=mydomain,dc=local\",\"***REMOVED SENSITIVE VALUE***\"]",
  "message": "LDAP error Invalid credentials (49) after calling ldap_bind",
  "message": "Calling LDAP function ldap_errno with parameters [{}]",
  "message": "Calling LDAP function ldap_error with parameters [{}]",
  "message": "Bind failed: 49: Invalid credentials",
  "message": "initializing paged search for filter (sAMAccountName=user01), base DC=mydomain,DC=local, attr [\"entryuuid\",\"nsuniqueid\",\"objectguid\",\"guid\",\"ipauniqueid\",\"dn\",\"uid\",\"samaccountname\",\"memberof\",\"mail\",\"displayname\",\"jpegphoto\",\"thumbnailphoto\"], pageSize 500, offset 0",
  "message": "Ready for a paged search",
  "message": "Calling LDAP function ldap_search with parameters [{},\"DC=mydomain,DC=local\",\"(sAMAccountName=user01)\",[\"entryuuid\",\"nsuniqueid\",\"objectguid\",\"guid\",\"ipauniqueid\",\"dn\",\"uid\",\"samaccountname\",\"memberof\",\"mail\",\"displayname\",\"jpegphoto\",\"thumbnailphoto\"],0,0,-1,0,[{\"oid\":\"1.2.840.113556.1.4.319\",\"value\":{\"size\":500,\"cookie\":\"\"},\"iscritical\":false}]]",
  "message": "Calling LDAP function ldap_errno with parameters [{}]",
  "message": "Calling LDAP function ldap_get_entries with parameters [{},{}]",
  "message": "Calling LDAP function ldap_parse_result with parameters [{},{}]",
  "message": "Calling LDAP function ldap_connect with parameters [\"ldaps:\\/\\/dc01.mydomain.local:636\"]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},17,3]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},8,0]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},20485,\"15\"]",
  "message": "Calling LDAP function ldap_bind with parameters [{},\"cn=user01,ou=mydomain_users,dc=mydomain,dc=local\",\"***REMOVED SENSITIVE VALUE***\"]",
  "message": "LDAP error Invalid credentials (49) after calling ldap_bind",
  "message": "Calling LDAP function ldap_errno with parameters [{}]",
  "message": "Calling LDAP function ldap_error with parameters [{}]",
  "message": "Bind failed: 49: Invalid credentials",
  "message": "initializing paged search for filter (sAMAccountName=user01), base DC=mydomain,DC=local, attr [\"entryuuid\",\"nsuniqueid\",\"objectguid\",\"guid\",\"ipauniqueid\",\"dn\",\"uid\",\"samaccountname\",\"memberof\",\"mail\",\"displayname\",\"jpegphoto\",\"thumbnailphoto\"], pageSize 500, offset 0",
  "message": "Ready for a paged search",
  "message": "Calling LDAP function ldap_search with parameters [{},\"DC=mydomain,DC=local\",\"(sAMAccountName=user01)\",[\"entryuuid\",\"nsuniqueid\",\"objectguid\",\"guid\",\"ipauniqueid\",\"dn\",\"uid\",\"samaccountname\",\"memberof\",\"mail\",\"displayname\",\"jpegphoto\",\"thumbnailphoto\"],0,0,-1,0,[{\"oid\":\"1.2.840.113556.1.4.319\",\"value\":{\"size\":500,\"cookie\":\"\"},\"iscritical\":false}]]",
  "message": "Calling LDAP function ldap_errno with parameters [{}]",
  "message": "Calling LDAP function ldap_get_entries with parameters [{},{}]",
  "message": "Calling LDAP function ldap_parse_result with parameters [{},{}]",
  "message": "Calling LDAP function ldap_connect with parameters [\"ldaps:\\/\\/dc02.mydomain.local:636\"]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},17,3]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},8,0]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},20485,\"15\"]",
  "message": "Calling LDAP function ldap_bind with parameters [{},\"cn=user01,ou=mydomain_users,dc=mydomain,dc=local\",\"***REMOVED SENSITIVE VALUE***\"]",
  "message": "LDAP error Invalid credentials (49) after calling ldap_bind",
  "message": "Calling LDAP function ldap_errno with parameters [{}]",
  "message": "Calling LDAP function ldap_error with parameters [{}]",
  "message": "Bind failed: 49: Invalid credentials",
  "message": "initializing paged search for filter (sAMAccountName=user01), base DC=mydomain,DC=local, attr [\"entryuuid\",\"nsuniqueid\",\"objectguid\",\"guid\",\"ipauniqueid\",\"dn\",\"uid\",\"samaccountname\",\"memberof\",\"mail\",\"displayname\",\"jpegphoto\",\"thumbnailphoto\"], pageSize 500, offset 0",
  "message": "Ready for a paged search",
  "message": "Calling LDAP function ldap_search with parameters [{},\"DC=mydomain,DC=local\",\"(sAMAccountName=user01)\",[\"entryuuid\",\"nsuniqueid\",\"objectguid\",\"guid\",\"ipauniqueid\",\"dn\",\"uid\",\"samaccountname\",\"memberof\",\"mail\",\"displayname\",\"jpegphoto\",\"thumbnailphoto\"],0,0,-1,0,[{\"oid\":\"1.2.840.113556.1.4.319\",\"value\":{\"size\":500,\"cookie\":\"\"},\"iscritical\":false}]]",
  "message": "Calling LDAP function ldap_errno with parameters [{}]",
  "message": "Calling LDAP function ldap_get_entries with parameters [{},{}]",
  "message": "Calling LDAP function ldap_parse_result with parameters [{},{}]",
  "message": "Calling LDAP function ldap_connect with parameters [\"ldaps:\\/\\/dc03.mydomain.local:636\"]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},17,3]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},8,0]",
  "message": "Calling LDAP function ldap_set_option with parameters [{},20485,\"15\"]",
  "message": "Calling LDAP function ldap_bind with parameters [{},\"cn=user01,ou=mydomain_users,dc=mydomain,dc=local\",\"***REMOVED SENSITIVE VALUE***\"]",
  "message": "LDAP error Invalid credentials (49) after calling ldap_bind",
  "message": "Calling LDAP function ldap_errno with parameters [{}]",
  "message": "Calling LDAP function ldap_error with parameters [{}]",
  "message": "Bind failed: 49: Invalid credentials",
  "message": "Login failed: user01 (Remote IP: 192.168.100.6)",
  "message": "Bruteforce attempt from \"192.168.100.6\" detected for action \"login\".",
  "message": "IP address throttled because it reached the attempts limit in the last 30 minutes [action: login, delay: 200, ip: 192.168.100.6]",
  "message": "Calling LDAP function ldap_unbind with parameters [{}]",
  "message": "Calling LDAP function ldap_unbind with parameters [{}]",
  "message": "Calling LDAP function ldap_unbind with parameters [{}]",

Additional info

No response

manolopm commented 1 month ago

I've tried to reduce the problem by removing the other 2 ADs from the configuration. Even with one AD it tries to log in a lot of times, but it doesn't get as far as blocking the account in the AD, because Nextcloud detects it as a brute-force attempt and blocks the request before the account gets blocked. So the problem happens even with one AD server.

manolopm commented 1 month ago

I think it may be related to the double check of the password against each backend, related to the URL-encoded password (method checkPasswordNoLogging in lib/private/User/Manager.php).
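
An added example, not part of the original issue or of Nextcloud's code: a Python check over log entries shaped like the ones posted above. It counts how many error-49 binds each DN receives per "Login failed" entry and lists the DNs that reach a directory lockout threshold. The sample entries are constructed to mirror the 8-bind pattern in the report; `lockout_threshold` is an operator-supplied assumption, and the grouping assumes the log holds one login attempt at a time.

```python
import json
import re
from collections import Counter

CALL_RE = re.compile(r"^Calling LDAP function (\w+) with parameters (.*)$")
LOGIN_FAILED_RE = re.compile(r"^Login failed: (\S+) \(Remote IP: ([^)]+)\)$")


def failed_binds_per_login(log_lines):
    """Count error-49 binds per DN for each 'Login failed' entry in the log."""
    reports, failed, servers = [], Counter(), []
    last_uri = pending_dn = None
    for raw in log_lines:
        try:
            message = json.loads(raw)["message"]
            call = CALL_RE.match(message)
            params = json.loads(call.group(2)) if call else None
        except (ValueError, KeyError, TypeError):
            continue  # not a JSON log entry, or parameters not parseable
        if call and isinstance(params, list):
            if call.group(1) == "ldap_connect" and params:
                last_uri = params[0]      # server the next bind goes to
            elif call.group(1) == "ldap_bind" and len(params) >= 2:
                pending_dn = params[1]    # DN of the bind now in flight
        elif message.startswith("Bind failed: 49") and pending_dn:
            failed[pending_dn] += 1
            servers.append(last_uri)
            pending_dn = None
        else:
            done = LOGIN_FAILED_RE.match(message)
            if done:  # one user-visible failure closes the group
                reports.append({"login": done.group(1), "remote_ip": done.group(2),
                                "failed_binds": dict(failed), "servers": servers})
                failed, servers = Counter(), []
    return reports


def at_risk(report, lockout_threshold):
    """DNs whose failed binds for ONE login reach the lockout threshold."""
    return sorted(dn for dn, count in report["failed_binds"].items()
                  if count >= lockout_threshold)


# Constructed sample entries (not copied from a real log); DNs follow the report.
USER_DN = "cn=user01,ou=mydomain_users,dc=mydomain,dc=local"
SERVICE_DN = "cn=service,ou=mydomain_users_service,DC=mydomain,DC=local"


def _bind(host, dn, ok):
    messages = ["Calling LDAP function ldap_connect with parameters "
                + json.dumps(["ldaps://%s.mydomain.local:636" % host]),
                "Calling LDAP function ldap_bind with parameters "
                + json.dumps([{}, dn, "***"])]
    if not ok:
        messages += ["LDAP error Invalid credentials (49) after calling ldap_bind",
                     "Calling LDAP function ldap_errno with parameters [{}]",
                     "Bind failed: 49: Invalid credentials"]
    return [json.dumps({"message": m}) for m in messages]


SAMPLE_LOG = _bind("dc01", SERVICE_DN, True)   # service bind succeeds
for host in ["dc01", "dc01", "dc02", "dc03"] * 2:
    SAMPLE_LOG += _bind(host, USER_DN, False)  # same wrong password, 8 binds
SAMPLE_LOG.append(json.dumps(
    {"message": "Login failed: user01 (Remote IP: 192.168.100.6)"}))

if __name__ == "__main__":
    for report in failed_binds_per_login(SAMPLE_LOG):
        print(report["login"], report["failed_binds"], at_risk(report, 5))
```

Any report where one DN collects more than one failed bind for a single "Login failed" entry means a single mistyped password counts several times against the directory's lockout policy.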