owncloud / core

:cloud: ownCloud web server core (Files, DAV, etc.)
https://owncloud.com
GNU Affero General Public License v3.0

Active Directory Users are unable to login and/or reset password #17270

Closed PhilHealthCare closed 7 years ago

PhilHealthCare commented 9 years ago

Steps to reproduce

  1. Configured LDAP on oc 8
  2. Login as user using AD password
  3. Login failed, click reset password
  4. Password reset link is sent to user's company email address
  5. Enter new password. Error: Password can not be changed. Please contact your administrator.

Expected behaviour

owncloud should have its own password database, not dependent on AD

Actual behaviour

owncloud doesn't even recognize users' AD password.

Server configuration

Operating system: 64Bit CentOS 7

Web server: nginx

Database: mariadb

PHP version: php 5.4

ownCloud version: 8.0.4

Updated from an older ownCloud or fresh install: Fresh

List of activated apps: nginx mariadb php

Are you using external storage, if yes which one: local/smb/sftp/… no

Are you using encryption: yes/no no

Are you using an external user-backend, if yes which one: ActiveDirectory

LDAP configuration

| user_ldap | cleanUpJobOffset | 0 |
| user_ldap | enabled | yes |
| user_ldap | has_memberof_filter_support | 1 |
| user_ldap | home_folder_naming_rule | |
| user_ldap | installed_version | 0.5.0 |
| user_ldap | last_jpegPhoto_lookup | 0 |
| user_ldap | ldap_agent_password | ########## |
| user_ldap | ldap_attributes_for_group_search | cn
displayname |
| user_ldap | ldap_attributes_for_user_search | displayname
mail
samaccountname |
| user_ldap | ldap_backup_host | |
| user_ldap | ldap_backup_port | |
| user_ldap | ldap_base | OU=PCARE,OU=PFPC,DC=#####,DC=com |
| user_ldap | ldap_base_groups | OU=PCARE,OU=PFPC,DC=#####,DC=com |
| user_ldap | ldap_base_users | OU=PCARE,OU=PFPC,DC=#####,DC=com |
| user_ldap | ldap_cache_ttl | 600 |
| user_ldap | ldap_configuration_active | 1 |
| user_ldap | ldap_display_name | cn |
| user_ldap | ldap_dn | ########### |
| user_ldap | ldap_email_attr | mail |
| user_ldap | ldap_experienced_admin | 0 |
| user_ldap | ldap_expert_username_attr | samaccountname |
| user_ldap | ldap_expert_uuid_group_attr | |
| user_ldap | ldap_expert_uuid_user_attr | samaccountname |
| user_ldap | ldap_group_display_name | cn |
| user_ldap | ldap_group_filter | (&(|(objectclass=group))(|(cn=############))) |
| user_ldap | ldap_group_filter_mode | 0 |
| user_ldap | ldap_group_member_assoc_attribute | member |
| user_ldap | ldap_groupfilter_groups | ########## |
| user_ldap | ldap_groupfilter_objectclass | group |
| user_ldap | ldap_host | ########## |
| user_ldap | ldap_login_filter | (&(&(|(objectclass=person))(|(memberof=CN=owncloud_USERS,OU=Network Groups,OU=PCARE,OU=PFPC,DC=######,DC=com)))(|(samaccountname=%uid)(|(mailPrimaryAddress=%uid)(mail=%uid))(|(sAMAccountName=%uid)))) |
| user_ldap | ldap_login_filter_mode | 0 |
| user_ldap         | ldap_loginfilter_attributes            | sAMAccountName                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
| user_ldap         | ldap_loginfilter_email                 | 1                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
| user_ldap         | ldap_loginfilter_username              | 1                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
| user_ldap         | ldap_nested_groups                     | 1                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
| user_ldap         | ldap_nocase                            | 0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
| user_ldap         | ldap_override_main_server              | 0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
| user_ldap         | ldap_paging_size                       | 500                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
| user_ldap         | ldap_port                              | 389                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
| user_ldap         | ldap_quota_attr                        |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |
| user_ldap         | ldap_quota_def                         | 5GB                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
| user_ldap         | ldap_tls                               | 0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
| user_ldap         | ldap_turn_off_cert_check               | 0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
| user_ldap         | ldap_user_filter_mode                  | 0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
| user_ldap         | ldap_userfilter_groups                 | owncloud_USERS                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
| user_ldap         | ldap_userfilter_objectclass            | person                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |
| user_ldap         | ldap_userlist_filter                   | (&(|(objectclass=person))(|(memberof=CN=owncloud_USERS,OU=Network Groups,OU=PCARE,OU=PFPC,DC=#####,DC=com)))                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |
| user_ldap         | types                                  | authentication  

Client configuration

Browser: Google Chrome

Operating system: Windows 7, Android OS

Logs

Web server error log


2015/06/30 06:31:13 [warn] 5298#0: *69338 an upstream response is buffered to a temporary file /var/cache/nginx/fastcgi_temp/8/14/0000019148 while reading upstream, client: 10.124.130.39, server: msync.philcare.com.ph, request: "GET /index.php/settings/admin/log/download HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "msync.philcare.com.ph", referrer: "https://msync.philcare.com.ph/index.php/settings/admin"
2015/06/30 08:17:58 [error] 5298#0: *70014 open() "/usr/share/nginx/html/owncloud404" failed (2: No such file or directory), client: 10.0.8.10, server: msync.philcare.com.ph, request: "GET /owncloud HTTP/1.1", host: "10.106.150.33"
2015/07/01 01:55:32 [error] 5298#0: *73162 open() "/usr/share/nginx/html/owncloud404" failed (2: No such file or directory), client: 10.0.8.10, server: msync.philcare.com.ph, request: "GET /owncloud HTTP/1.1", host: "10.106.150.33"

LukasReschke commented 9 years ago

@blizzz Ideas?

blizzz commented 9 years ago

Password reset does not work for LDAP users as we do not write to LDAP.

The login filter looks good, except if the primary group of those users is owncloud_USERS. To include those, you need to add primaryGroupID=1234 (with 1234 being the ID of that group) to the filter. Meanwhile, the wizard should do it itself, so you could recreate user and login filter there. If this is the reason.

But otherwise the configuration looks ok. If that's not it, please also provide the owncloud log.

Oh, and can you verify please that mbstring module for PHP is installed?

PhilHealthCare commented 9 years ago

Hi @blizzz, The problem is that owncloud is not reading any passwords. I tried to reset users' passwords from active directory, but owncloud still won't authenticate.

I have tried reconfiguring the filter, I also tried using a different primary group. Still the same result.

The owncloud log is 94mb big. And I'm afraid there are sensitive data within it.

mbstring is installed for PHP.

blizzz commented 9 years ago

> The problem is that owncloud is not reading any passwords.

Nah, that's not a problem. ownCloud attempts an LDAP bind with the detected user and the provided password.

How does your login filter look right now?

PhilHealthCare commented 9 years ago

(&(|(objectclass=person))(|(sAMAccountName=%uid))(|(primaryGroupId=S-1-5-21-2416625612-2250434518-3792794180-4187)))

Did I do it correctly? Still can't login.

blizzz commented 9 years ago

No, the primaryGroupId is short, IIRC (did not double-check) the last part of the SID you used. Try with

(&(|(objectclass=person))(|(sAMAccountName=%uid))(|(primaryGroupId=4187)))
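Added example, not part of the thread and not ownCloud code: Active Directory stores a group's `objectSid` as a binary value, and `primaryGroupID` on the user holds only its last sub-authority (the RID). The Python below decodes the binary form, takes the RID, and builds a login filter that covers both `memberOf` and primary-group membership. The group DN is a constructed placeholder, the SID is the one quoted earlier in this thread, and all function names are made up for the example.

```python
import struct

# SID quoted earlier in this thread; the group DN is a constructed placeholder.
PAGE_SID = "S-1-5-21-2416625612-2250434518-3792794180-4187"
GROUP_DN = "CN=owncloud_USERS,OU=Network Groups,DC=example,DC=com"


def sid_to_bytes(sid):
    """Encode an S-1-... string into the binary layout AD uses for objectSid."""
    parts = sid.split("-")
    if len(parts) < 4 or parts[0] != "S":
        raise ValueError("not a SID string: %r" % sid)
    revision, authority = int(parts[1]), int(parts[2])
    subs = [int(p) for p in parts[3:]]
    # 1 byte revision, 1 byte sub-authority count, 6 bytes big-endian
    # authority, then each sub-authority as a little-endian 32-bit integer.
    return (bytes([revision, len(subs)]) + authority.to_bytes(6, "big")
            + struct.pack("<%dI" % len(subs), *subs))


def sid_from_bytes(raw):
    """Decode a binary objectSid into its S-1-... string form."""
    if len(raw) < 12:
        raise ValueError("objectSid too short")
    revision, count = raw[0], raw[1]
    if count < 1 or len(raw) != 8 + 4 * count:
        raise ValueError("length does not match sub-authority count")
    authority = int.from_bytes(raw[2:8], "big")
    subs = struct.unpack("<%dI" % count, raw[8:])
    return "S-%d-%d" % (revision, authority) + "".join("-%d" % s for s in subs)


def rid_of(sid):
    """The RID is the last sub-authority; this is what primaryGroupID holds."""
    return int(sid.rsplit("-", 1)[1])


def escape_filter_value(value):
    """Escape the characters RFC 4515 reserves inside a filter assertion value."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)


def build_login_filter(group_dn, group_object_sid):
    """Match users who are in the group via memberOf OR as their primary group."""
    rid = rid_of(sid_from_bytes(group_object_sid))
    return ("(&(objectclass=person)(sAMAccountName=%uid)"
            "(|(memberof={})(primaryGroupID={})))").format(
                escape_filter_value(group_dn), rid)


if __name__ == "__main__":
    raw = sid_to_bytes(PAGE_SID)          # stands in for a value read from LDAP
    print(sid_from_bytes(raw), "-> RID", rid_of(PAGE_SID))
    print(build_login_filter(GROUP_DN, raw))
```
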

foi commented 9 years ago

I have this trouble too...

Test Environment:

CentOS 7.1 x64
LDAP server - windows server 2012 r2 with Ad role
php 5.4, 5.5, 5.6 from webtatic.com repo
Clean owncloud 8.0.3,8.0.4,8.0.5
MariaDB 5.5
nginx 1.9.3 only http on 80 port + php-fpm

Cannot login even with this (&(|(objectclass=person))(|(sAMAccountName=%uid))(|(primaryGroupId=SomePrimaryGroupID)))

Reading groups and usernames from AD works properly.

In OC log get this: Login failed: 'username' (Remote IP: '192.168.6.6', X-Forwarded-For: '')

I tried analyzing with Wireshark and got this:

67  68 154.652251 192.168.7.92 -> 192.168.7.27 TCP 74 53192 > ldap [SYN] Seq=0 Win=14600 Len=0 MSS=1460 SACK_PERM=1 TSval=235807874 TSecr=0 WS=128
 69 154.652739 192.168.7.27 -> 192.168.7.92 TCP 74 ldap > 53192 [SYN, ACK] Seq=0 Ack=1 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1 TSval=211938134 TSecr=235807874
 70 154.652781 192.168.7.92 -> 192.168.7.27 TCP 66 53192 > ldap [ACK] Seq=1 Ack=1 Win=14720 Len=0 TSval=235807875 TSecr=211938134
 71 154.652855 192.168.7.92 -> 192.168.7.27 LDAP 97 extendedReq(1) LDAP_START_TLS_OID 
 72 154.653663 192.168.7.27 -> 192.168.7.92 LDAP 197 extendedResp(1) (00000000: LdapErr: DSID-0C090F78, comment: Error initializing SSL/TLS, data 0, v2580) LDAP_START_TLS_OID 
 73 154.653693 192.168.7.92 -> 192.168.7.27 TCP 66 53192 > ldap [ACK] Seq=32 Ack=132 Win=15744 Len=0 TSval=235807876 TSecr=211938134
 74 154.661051 192.168.7.92 -> 192.168.7.27 LDAP 138 bindRequest(2) "CN=ldap_ejabberd,CN=Users,DC=miacrh,DC=local" simple 
 75 154.662311 192.168.7.27 -> 192.168.7.92 LDAP 88 bindResponse(2) success 
 76 154.662728 192.168.7.92 -> 192.168.7.27 LDAP 368 searchRequest(3) "DC=domain,DC=local" wholeSubtree 
 77 154.663387 192.168.7.27 -> 192.168.7.92 LDAP 385 searchResRef(3)  | searchResRef(3)  | searchResRef(3)  | searchResDone(3) success 
 78 154.677965 192.168.7.92 -> 192.168.7.27 LDAP 111 unbindRequest(4) 
 79 154.677991 192.168.7.92 -> 192.168.7.27 TCP 66 53192 > ldap [FIN, ACK] Seq=451 Ack=473 Win=16768 Len=0 TSval=235807900 TSecr=211938135
 80 154.678878 192.168.7.27 -> 192.168.7.92 TCP 66 ldap > 53192 [ACK] Seq=473 Ack=452 Win=131328 Len=0 TSval=211938137 TSecr=235807900
 81 154.678880 192.168.7.27 -> 192.168.7.92 TCP 60 ldap > 53192 [RST, ACK] Seq=473 Ack=452 Win=0 Len=0

I don't understand why this LDAP_START_TLS_OID happened! We use ldap and port 389! Not ldaps
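Added example, not part of the thread and not ownCloud code: in the capture above the server rejects StartTLS (frame 72) and the client then sends a simple bind that the dissector can read in full (frame 74), so the bind DN and password crossed the network unencrypted. The Python below scans tshark summary lines for that pattern and for simple binds where StartTLS was never attempted. Frames 71-75 are copied from the capture; frames 90-92, their addresses and DN are constructed, and the function and field names are made up for the example.

```python
import re

# Frames 71-75: copied from the capture in this thread.
# Frames 90-92: constructed for this example (documentation addresses, made-up DN).
CAPTURE = """\
 71 154.652855 192.168.7.92 -> 192.168.7.27 LDAP 97 extendedReq(1) LDAP_START_TLS_OID
 72 154.653663 192.168.7.27 -> 192.168.7.92 LDAP 197 extendedResp(1) (00000000: LdapErr: DSID-0C090F78, comment: Error initializing SSL/TLS, data 0, v2580) LDAP_START_TLS_OID
 73 154.653693 192.168.7.92 -> 192.168.7.27 TCP 66 53192 > ldap [ACK] Seq=32 Ack=132 Win=15744 Len=0 TSval=235807876 TSecr=211938134
 74 154.661051 192.168.7.92 -> 192.168.7.27 LDAP 138 bindRequest(2) "CN=ldap_ejabberd,CN=Users,DC=miacrh,DC=local" simple
 75 154.662311 192.168.7.27 -> 192.168.7.92 LDAP 88 bindResponse(2) success
 90 201.000100 192.0.2.10 -> 192.0.2.20 TCP 74 40000 > ldap [SYN] Seq=0 Win=14600 Len=0
 91 201.001900 192.0.2.10 -> 192.0.2.20 LDAP 120 bindRequest(1) "CN=svc_example,CN=Users,DC=example,DC=test" simple
 92 201.002700 192.0.2.20 -> 192.0.2.10 LDAP 88 bindResponse(1) success
"""

# frame number, time, source, arrow (old and new tshark styles), destination,
# protocol, length, info column
LINE = re.compile(
    r"^\s*(?P<no>\d+)\s+(?P<time>[\d.]+)\s+(?P<src>\S+)\s+(?:->|\u2192)\s+"
    r"(?P<dst>\S+)\s+(?P<proto>\S+)\s+(?P<len>\d+)\s+(?P<info>.*)$")
BIND = re.compile(r'bindRequest\(\d+\)\s+"(?P<dn>[^"]*)"\s+simple')
STARTTLS = "LDAP_START_TLS_OID"


def find_cleartext_binds(capture_text):
    """Return one finding per simple bind that was visible in cleartext."""
    tls_state = {}   # (client, server) -> "requested" | "failed" | "ok"
    findings = []
    for raw in capture_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        info = m["info"]
        if m["proto"] == "TCP":
            if "[SYN]" in info:          # new connection: forget earlier StartTLS state
                tls_state.pop((m["src"], m["dst"]), None)
            continue
        if m["proto"] != "LDAP":
            continue
        if info.startswith("extendedReq") and STARTTLS in info:
            tls_state[(m["src"], m["dst"])] = "requested"
        elif info.startswith("extendedResp") and STARTTLS in info:
            # The response travels server -> client, so the key is reversed.
            failed = "LdapErr" in info
            tls_state[(m["dst"], m["src"])] = "failed" if failed else "ok"
        else:
            bind = BIND.search(info)
            if not bind:
                continue
            state = tls_state.get((m["src"], m["dst"]), "not attempted")
            if state == "ok":
                continue                  # TLS was negotiated before the bind
            findings.append({
                "frame": int(m["no"]),
                "client": m["src"],
                "server": m["dst"],
                "bind_dn": bind["dn"],
                "starttls": state,
            })
    return findings


if __name__ == "__main__":
    for f in find_cleartext_binds(CAPTURE):
        print("frame {frame}: cleartext simple bind as {bind_dn} "
              "({client} to {server}), StartTLS {starttls}".format(**f))
```
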

blizzz commented 9 years ago

@foi maybe TLS was detected false positively. Please check ./occ ldap:show-config. If ldapTLS is set to 1, turn it to 0 by using ./occ ldap:set-config ID ldapTLS 0 with ID being what is next to "Configuration" on the printed table head, if empty write "".

blizzz commented 9 years ago

@PhilHealthCare any news?

foi commented 9 years ago

@blizzz Thanks for fast feedback! It was 0. ((

+------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Configuration                |                                                                                                                                                                            |
+------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| hasMemberOfFilterSupport     | 0                                                                                                                                                                          |
| hasPagedResultSupport        |                                                                                                                                                                            |
| homeFolderNamingRule         | attr:sAMAccountName                                                                                                                                                        |
| lastJpegPhotoLookup          | 0                                                                                                                                                                          |
| ldapAgentName                | CN=ldap_oblako,CN=Users,DC=domain,DC=local                                                                                                                                 |
| ldapAgentPassword            | ***                                                                                                                                                                        |
| ldapAttributesForGroupSearch |                                                                                                                                                                            |
| ldapAttributesForUserSearch  |                                                                                                                                                                            |
| ldapBackupHost               |                                                                                                                                                                            |
| ldapBackupPort               |                                                                                                                                                                            |
| ldapBase                     | DC=domain,DC=local                                                                                                                                                         |
| ldapBaseGroups               | DC=domain,DC=local                                                                                                                                                         |
| ldapBaseUsers                | DC=domain,DC=local                                                                                                                                                         |
| ldapCacheTTL                 | 600                                                                                                                                                                        |
| ldapConfigurationActive      | 0                                                                                                                                                                          |
| ldapEmailAttribute           | mail                                                                                                                                                                       |
| ldapExperiencedAdmin         | 1                                                                                                                                                                          |
| ldapExpertUUIDGroupAttr      |                                                                                                                                                                            |
| ldapExpertUUIDUserAttr       |                                                                                                                                                                            |
| ldapExpertUsernameAttr       | sAMAccountName                                                                                                                                                             |
| ldapGroupDisplayName         | cn                                                                                                                                                                         |
| ldapGroupFilter              | (&(|(objectclass=group))(|(cn=Users_Administracia)(cn=Users_InfoOtdel)(cn=Users_Miac)(cn=Users_Mo)(cn=Users_OtdelASU)(cn=Users_OtdelMedstat)(cn=Users_TechOtdel)))         |
| ldapGroupFilterGroups        |                                                                                                                                                                            |
| ldapGroupFilterMode          | 1                                                                                                                                                                          |
| ldapGroupFilterObjectclass   |                                                                                                                                                                            |
| ldapGroupMemberAssocAttr     | uniqueMember                                                                                                                                                               |
| ldapHost                     | domain.local                                                                                                                                                               |
| ldapIgnoreNamingRules        |                                                                                                                                                                            |
| ldapLoginFilter              | (&(&(|(objectclass=user))(|(memberof=CN=Users_Miac,OU=Users,OU=Miac,DC=miacrh,DC=local)(memberof=CN=Users_Mo,OU=Users,OU=Mo,DC=domain,DC=local)))(|(sAMAccountName=%uid))) |
| ldapLoginFilterAttributes    |                                                                                                                                                                            |
| ldapLoginFilterEmail         | 0                                                                                                                                                                          |
| ldapLoginFilterMode          | 1                                                                                                                                                                          |
| ldapLoginFilterUsername      | 1                                                                                                                                                                          |
| ldapNestedGroups             | 0                                                                                                                                                                          |
| ldapNoCase                   | 1                                                                                                                                                                          |
| ldapOverrideMainServer       | 0                                                                                                                                                                          |
| ldapPagingSize               | 500                                                                                                                                                                        |
| ldapPort                     | 389                                                                                                                                                                        |
| ldapQuotaAttribute           |                                                                                                                                                                            |
| ldapQuotaDefault             |                                                                                                                                                                            |
| ldapTLS                      | 0                                                                                                                                                                          |
| ldapUserDisplayName          | displayname                                                                                                                                                                |
| ldapUserFilter               | (&(|(objectclass=user))(|(memberof=CN=Users_Miac,OU=Users,OU=Miac,DC=miacrh,DC=local)(memberof=CN=Users_Mo,OU=Users,OU=Mo,DC=domain,DC=local)))                            |
| ldapUserFilterGroups         |                                                                                                                                                                            |
| ldapUserFilterMode           | 1                                                                                                                                                                          |
| ldapUserFilterObjectclass    |                                                                                                                                                                            |
| ldapUuidGroupAttribute       | auto                                                                                                                                                                       |
| ldapUuidUserAttribute        | auto                                                                                                                                                                       |
| turnOffCertCheck             | 1                                                                                                                                                                          |
+------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
foi commented 9 years ago

@blizzz after a full reinstall of php, oc, etc., LDAP_START_TLS_OID disappeared.

Current tshark output when I try to log in as an AD user; I still cannot log in:

[root@oblako1 ~]# tshark -f "port 389"
Running as user "root" and group "root". This could be dangerous.
Capturing on 'eth0'
  1   0.000000 192.168.7.92 -> 192.168.7.88 TCP 74 33078 > ldap [SYN] Seq=0 Win=14600 Len=0 MSS=1460 SACK_PERM=1 TSval=216049061 TSecr=0 WS=128
  2   0.000323 192.168.7.88 -> 192.168.7.92 TCP 74 ldap > 33078 [SYN, ACK] Seq=0 Ack=1 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1 TSval=114743272 TSecr=216049061
  3   0.000367 192.168.7.92 -> 192.168.7.88 TCP 66 33078 > ldap [ACK] Seq=1 Ack=1 Win=14720 Len=0 TSval=216049062 TSecr=114743272
  4   0.000458 192.168.7.92 -> 192.168.7.88 LDAP 134 bindRequest(1) "CN=ldap_oblako,CN=Users,DC=domain,DC=local" simple 
  5   0.003411 192.168.7.88 -> 192.168.7.92 LDAP 88 bindResponse(1) success 
  6   0.003444 192.168.7.92 -> 192.168.7.88 TCP 66 33078 > ldap [ACK] Seq=69 Ack=23 Win=14720 Len=0 TSval=216049065 TSecr=114743272
  7   0.003844 192.168.7.92 -> 192.168.7.88 LDAP 264 searchRequest(2) "DC=domain,DC=local" wholeSubtree 
  8   0.005204 192.168.7.88 -> 192.168.7.92 LDAP 385 searchResRef(2)  | searchResRef(2)  | searchResRef(2)  | searchResDone(2) success 
  9   0.034590 192.168.7.92 -> 192.168.7.88 LDAP 111 unbindRequest(3) 
 10   0.034613 192.168.7.92 -> 192.168.7.88 TCP 66 33078 > ldap [FIN, ACK] Seq=312 Ack=342 Win=15744 Len=0 TSval=216049096 TSecr=114743272
 11   0.036336 192.168.7.88 -> 192.168.7.92 TCP 66 ldap > 33078 [ACK] Seq=342 Ack=313 Win=131328 Len=0 TSval=114743275 TSecr=216049096
 12   0.036338 192.168.7.88 -> 192.168.7.92 TCP 54 ldap > 33078 [RST, ACK] Seq=342 Ack=313 Win=0 Len=0
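
Added example (not part of the thread and not ownCloud code): the configuration dump above shows ldapPort 389, ldapTLS 0 and turnOffCertCheck 1, and the capture decodes a simple bind on the plain LDAP port, which means the service account's bind was sent unencrypted. The sketch below parses rows and capture lines in those two formats and flags that combination. Reading ldapTLS as StartTLS, an ldaps:// host prefix as LDAPS, and turnOffCertCheck as disabling certificate validation is an assumption about the user_ldap settings; all function names are hypothetical.

```python
import re

# Rows and capture lines copied from the post above.
CONFIG_ROWS = """\
| ldapHost                     | domain.local |
| ldapPort                     | 389          |
| ldapTLS                      | 0            |
| turnOffCertCheck             | 1            |
"""

CAPTURE = """\
  4   0.000458 192.168.7.92 -> 192.168.7.88 LDAP 134 bindRequest(1) "CN=ldap_oblako,CN=Users,DC=domain,DC=local" simple
  5   0.003411 192.168.7.88 -> 192.168.7.92 LDAP 88 bindResponse(1) success
"""

# Two-column dump rows: "| key | value |". The value may itself contain
# '|' (LDAP filters do), so only the last '|' on the line closes the cell.
ROW_RE = re.compile(r'^\|\s*(\w+)\s*\|\s?(.*?)\s*\|\s*$')

# A tshark summary line that decodes as an LDAP simple bind. If tshark can
# print the bind DN, the session was not encrypted at that point.
BIND_RE = re.compile(
    r'^\s*(\d+)\s+[\d.]+\s+(\S+)\s+->\s+(\S+)\s+LDAP\s+\d+\s+'
    r'bindRequest\(\d+\)\s+"([^"]*)"\s+simple\b'
)


def parse_config_table(text):
    """Return {key: value} for every two-column row; borders are skipped."""
    cfg = {}
    for line in text.splitlines():
        m = ROW_RE.match(line)
        if m:
            cfg[m.group(1)] = m.group(2)
    return cfg


def audit_transport(cfg):
    """Return (code, message) findings about how the LDAP bind is protected."""
    findings = []
    host = cfg.get("ldapHost", "")
    uses_ldaps = host.lower().startswith("ldaps://")   # assumption: LDAPS prefix
    uses_starttls = cfg.get("ldapTLS") == "1"          # assumption: 1 = StartTLS
    if not uses_ldaps and not uses_starttls:
        findings.append((
            "cleartext-bind",
            "no ldaps:// host and ldapTLS=0: binds to port %s are unencrypted"
            % cfg.get("ldapPort", "?"),
        ))
    if cfg.get("turnOffCertCheck") == "1":             # assumption: 1 = no validation
        findings.append((
            "cert-check-disabled",
            "turnOffCertCheck=1: the server certificate would not be validated "
            "even if TLS were enabled",
        ))
    return findings


def cleartext_simple_binds(capture):
    """Return the simple binds that are visible in a tshark summary."""
    binds = []
    for line in capture.splitlines():
        m = BIND_RE.match(line)
        if m:
            frame, client, server, bind_dn = m.groups()
            binds.append({
                "frame": int(frame),
                "client": client,
                "server": server,
                "bind_dn": bind_dn,
            })
    return binds


if __name__ == "__main__":
    for code, message in audit_transport(parse_config_table(CONFIG_ROWS)):
        print("[%s] %s" % (code, message))
    for bind in cleartext_simple_binds(CAPTURE):
        print("frame %(frame)d: %(client)s -> %(server)s simple bind as %(bind_dn)s" % bind)
```
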
foi commented 9 years ago

@blizzz my problem is solved!!!

I was missing the packages php-pear, php-pecl-apcu, php-mbstring.

After installing these, everything works properly!

Sorry for bothering

blizzz commented 9 years ago

@foi no prob, glad it works for you now!

PhilHealthCare commented 9 years ago

Hi @blizzz, I have tried with (&(|(objectclass=person))(|(sAMAccountName=%uid))(|(primaryGroupId=4187))); it is still not working.

I have tried foi's solution of installing the packages; still no help.

Here are my current configurations:

<?php
$CONFIG = array (
  'instanceid' => 'ocwqt5nmqwl4',
  'passwordsalt' => '############',
  'secret' => '##########',
  'trusted_domains' => 
  array (
    0 => '10.106.150.33',
    1 => 'msync.philcare.com.ph',
    2 => '10.106.150.33',
    3 => '10.106.150.33',
  ),
  'datadirectory' => '/usr/share/nginx/html/owncloud/data',
  'overwrite.cli.url' => 'https://10.106.150.33',
  'dbtype' => 'mysql',
  'version' => '8.0.0.7',
  'dbname' => 'owncloud_db',
  'dbhost' => 'localhost',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'oc_pfpc_admin',
  'dbpassword' => '###############',
  'installed' => true,
  'forcessl' => true,
  'forceSSLforSubdomains' => true,
  'mail_smtpmode' => 'smtp',
  'mail_smtphost' => '##############',
  'mail_smtpport' => '25',
  'mail_from_address' => 'ITAdvisory',
  'mail_domain' => 'philcare.com.ph',
  'mail_smtpauthtype' => 'PLAIN',
  'ldapIgnoreNamingRules' => false,
  'loglevel' => 0,
);

LDAP Configuration

| user_ldap         | enabled                                | yes                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
| user_ldap         | installed_version                      | 0.5.0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
| user_ldap         | s01has_memberof_filter_support         | 1                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
| user_ldap         | s01home_folder_naming_rule             | attr:displayname                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |
| user_ldap         | s01last_jpegPhoto_lookup               | 0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
| user_ldap         | s01ldap_agent_password                 | ###########                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
| user_ldap         | s01ldap_attributes_for_group_search    |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
| user_ldap         | s01ldap_attributes_for_user_search     | displayname
samaccountname
mail                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
| user_ldap         | s01ldap_backup_host                    |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
| user_ldap         | s01ldap_backup_port                    |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
| user_ldap         | s01ldap_base                           | dc=philfirst,dc=com                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
| user_ldap         | s01ldap_base_groups                    | dc=philfirst,dc=com                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
| user_ldap         | s01ldap_base_users                     | dc=philfirst,dc=com                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
| user_ldap         | s01ldap_cache_ttl                      | 600                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
| user_ldap         | s01ldap_configuration_active           | 1                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
| user_ldap         | s01ldap_display_name                   | displayname                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
| user_ldap         | s01ldap_dn                             | #########@philfirst.com                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |
| user_ldap         | s01ldap_email_attr                     | mail                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
| user_ldap         | s01ldap_experienced_admin              | 0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
| user_ldap         | s01ldap_expert_username_attr           | samaccountname                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |
| user_ldap         | s01ldap_expert_uuid_group_attr         |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
| user_ldap         | s01ldap_expert_uuid_user_attr          | samaccountname                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |
| user_ldap         | s01ldap_group_display_name             | cn                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
| user_ldap         | s01ldap_group_filter                   | (&(|(objectclass=group))(|(cn=PCARE Sales_ABCTeam)(cn=PCARE_ACTUARIAL)(cn=PCARE_AMG_GROUP)(cn=PCARE_BUSINESSDEV)(cn=PCARE_CALLCENTER)(cn=PCARE_CLINIC)(cn=PCARE_COORD)(cn=PCARE_ClaimsReviewCommittee)(cn=PCARE_Executives)(cn=PCARE_FINANCE)(cn=PCARE_FIN_ADMIN)(cn=PCARE_FIN_Accounting)(cn=PCARE_FIN_TCD)(cn=PCARE_FRANCHISE)(cn=PCARE_GROW)(cn=PCARE_HR)(cn=PCARE_ITG)(cn=PCARE_ITGINFRA)(cn=PCARE_ITG_BAPM)(cn=PCARE_ITG_Mancom)(cn=PCARE_ITG_PM)(cn=PCARE_ITG_SYSDEV)(cn=PCARE_ITG_SYSOPS)(cn=PCARE_MANCOM)(cn=PCARE_MARKETING)(cn=PCARE_MEDICALSERVICES)(cn=PCARE_MKTG_AGENCY_SALES)(cn=PCARE_MKTG_AMG)(cn=PCARE_MKTG_CORP_SALES)(cn=PCARE_MS_CLINIC_MEGAMALL)(cn=PCARE_MS_CLINIC_QC)(cn=PCARE_MS_CLINIC_UN)(cn=PCARE_MS_HealthcareCoordination)(cn=PCARE_MS_HospitalLiasonServices)(cn=PCARE_MS_NetworkMgnt)(cn=PCARE_MS_ProviderRelations)(cn=PCARE_MS_VisMin)(cn=PCARE_OP)(cn=PCARE_OPERATIONS)(cn=PCARE_OPRTNS_BusinessCenter)(cn=PCARE_OPRTNS_COLLECTIONS)(cn=PCARE_OPRTNS_CSAD)(cn=PCARE_OPRTNS_CSAD_MgrSup)(cn=PCARE_OPRTNS_MSAD))) |
| user_ldap         | s01ldap_group_filter_mode              | 1                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
| user_ldap         | s01ldap_group_member_assoc_attribute   | member                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
| user_ldap         | s01ldap_groupfilter_groups             | PCARE Sales_ABCTeam
PCARE_ACTUARIAL
PCARE_AMG_GROUP
PCARE_BUSINESSDEV
PCARE_CALLCENTER
PCARE_CLINIC
PCARE_COORD
PCARE_ClaimsReviewCommittee
PCARE_Executives
PCARE_FINANCE
PCARE_FIN_ADMIN
PCARE_FIN_Accounting
PCARE_FIN_TCD
PCARE_FRANCHISE
PCARE_GROW
PCARE_HR
PCARE_ITG
PCARE_ITGINFRA
PCARE_ITG_BAPM
PCARE_ITG_Mancom
PCARE_ITG_PM
PCARE_ITG_SYSDEV
PCARE_ITG_SYSOPS
PCARE_MANCOM
PCARE_MARKETING
PCARE_MEDICALSERVICES
PCARE_MKTG_AGENCY_SALES
PCARE_MKTG_AMG
PCARE_MKTG_CORP_SALES
PCARE_MS_CLINIC_MEGAMALL
PCARE_MS_CLINIC_QC
PCARE_MS_CLINIC_UN
PCARE_MS_HealthcareCoordination
PCARE_MS_HospitalLiasonServices
PCARE_MS_NetworkMgnt
PCARE_MS_ProviderRelations
PCARE_MS_VisMin
PCARE_OP
PCARE_OPERATIONS
PCARE_OPRTNS_BusinessCenter
PCARE_OPRTNS_COLLECTIONS
PCARE_OPRTNS_CSAD
PCARE_OPRTNS_CSAD_MgrSup
PCARE_OPRTNS_MSAD                                                                                                                                                                                                              |
| user_ldap         | s01ldap_groupfilter_objectclass        | group                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
| user_ldap         | s01ldap_host                           | 172.16.108.5                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
| user_ldap         | s01ldap_login_filter                   | (&(|(objectclass=person))(|(sAMAccountName=%uid))(|(primaryGroupId=4187)))                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |
| user_ldap         | s01ldap_login_filter_mode              | 1                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
| user_ldap         | s01ldap_loginfilter_attributes         |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
| user_ldap         | s01ldap_loginfilter_email              | 0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
| user_ldap         | s01ldap_loginfilter_username           | 1                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
| user_ldap         | s01ldap_nested_groups                  | 1                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
| user_ldap         | s01ldap_nocase                         | 0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
| user_ldap         | s01ldap_override_main_server           | 0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
| user_ldap         | s01ldap_paging_size                    | 500                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
| user_ldap         | s01ldap_port                           | 389                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
| user_ldap         | s01ldap_quota_attr                     |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
| user_ldap         | s01ldap_quota_def                      | 5GB                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
| user_ldap         | s01ldap_tls                            | 0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
| user_ldap         | s01ldap_turn_off_cert_check            | 0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
| user_ldap         | s01ldap_user_filter_mode               | 0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
| user_ldap         | s01ldap_userfilter_groups              | PCARE_USERS                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
| user_ldap         | s01ldap_userfilter_objectclass         | person                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
| user_ldap         | s01ldap_userlist_filter                | (&(|(objectclass=person))(|(memberof=CN=PCARE_USERS,OU=Network Groups,OU=PCARE,OU=PFPC,DC=philfirst,DC=com)))                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |
| user_ldap         | types                                  | authentication 

ownCloud log

{"reqId":"77c4d3f73aa5ee672703e05593a1fbbd","remoteAddr":"10.124.130.39","app":"user_ldap","message":"Ready for a paged search","level":0,"time":"2015-07-24T05:59:00+00:00","method":"GET","url":"\/index.php\/settings\/users\/groups?pattern=jgang&filterGroups=0"}
{"reqId":"77c4d3f73aa5ee672703e05593a1fbbd","remoteAddr":"10.124.130.39","app":"user_ldap","message":"initializing paged search for  Filter (|(displayname=jgang*)(samaccountname=jgang*)(mail=jgang*)) base Array\n(\n    [0] => cn=matabuena\\5c2C arthur r.,ou=users,ou=pcare,ou=pfpc,dc=philfirst,dc=com\n)\n attr Array\n(\n    [0] => displayname\n)\n limit 500 offset 0","level":0,"time":"2015-07-24T05:59:00+00:00","method":"GET","url":"\/index.php\/settings\/users\/groups?pattern=jgang&filterGroups=0"}
{"reqId":"77c4d3f73aa5ee672703e05593a1fbbd","remoteAddr":"10.124.130.39","app":"user_ldap","message":"Ready for a paged search","level":0,"time":"2015-07-24T05:59:00+00:00","method":"GET","url":"\/index.php\/settings\/users\/groups?pattern=jgang&filterGroups=0"}
{"reqId":"77c4d3f73aa5ee672703e05593a1fbbd","remoteAddr":"10.124.130.39","app":"user_ldap","message":"initializing paged search for  Filter (|(displayname=jgang*)(samaccountname=jgang*)(mail=jgang*)) base Array\n(\n    [0] => cn=cabacang\\5c2C joevie maria l.,ou=disable account,ou=pcare,ou=pfpc,dc=philfirst,dc=com\n)\n attr Array\n(\n    [0] => displayname\n)\n limit 500 offset 0","level":0,"time":"2015-07-24T05:59:00+00:00","method":"GET","url":"\/index.php\/settings\/users\/groups?pattern=jgang&filterGroups=0"}
{"reqId":"77c4d3f73aa5ee672703e05593a1fbbd","remoteAddr":"10.124.130.39","app":"user_ldap","message":"Ready for a paged search","level":0,"time":"2015-07-24T05:59:00+00:00","method":"GET","url":"\/index.php\/settings\/users\/groups?pattern=jgang&filterGroups=0"}
{"reqId":"77c4d3f73aa5ee672703e05593a1fbbd","remoteAddr":"10.124.130.39","app":"user_ldap","message":"initializing paged search for  Filter (|(displayname=jgang*)(samaccountname=jgang*)(mail=jgang*)) base Array\n(\n    [0] => cn=solatre\\5c2C marilou h.,ou=users,ou=pcare,ou=pfpc,dc=philfirst,dc=com\n)\n attr Array\n(\n    [0] => displayname\n)\n limit 500 offset 0","level":0,"time":"2015-07-24T05:59:00+00:00","method":"GET","url":"\/index.php\/settings\/users\/groups?pattern=jgang&filterGroups=0"}
{"reqId":"77c4d3f73aa5ee672703e05593a1fbbd","remoteAddr":"10.124.130.39","app":"user_ldap","message":"Ready for a paged search","level":0,"time":"2015-07-24T05:59:00+00:00","method":"GET","url":"\/index.php\/settings\/users\/groups?pattern=jgang&filterGroups=0"}
{"reqId":"77c4d3f73aa5ee672703e05593a1fbbd","remoteAddr":"10.124.130.39","app":"user_ldap","message":"initializing paged search for  Filter objectClass=* base Array\n(\n    [0] => cn=pcare_oprtns_msad,ou=network groups,ou=pcare,ou=pfpc,dc=philfirst,dc=com\n)\n attr Array\n(\n    [0] => primaryGroupToken\n)\n limit 500 offset 0","level":0,"time":"2015-07-24T05:59:00+00:00","method":"GET","url":"\/index.php\/settings\/users\/groups?pattern=jgang&filterGroups=0"}
{"reqId":"77c4d3f73aa5ee672703e05593a1fbbd","remoteAddr":"10.124.130.39","app":"user_ldap","message":"Ready for a paged search","level":0,"time":"2015-07-24T05:59:00+00:00","method":"GET","url":"\/index.php\/settings\/users\/groups?pattern=jgang&filterGroups=0"}
{"reqId":"ab62fc5a1ce69a60afe1cc7cff730dc5","remoteAddr":"10.124.130.39","app":"user_ldap","message":"No DN found for  on 172.16.108.5","level":0,"time":"2015-07-24T05:59:02+00:00","method":"GET","url":"\/index.php\/core\/js\/oc.js?v=f60f9e7ad44ac99c98e316cb91822d03"}
{"reqId":"49b18c20e7f6316c1a082d513e936ddb","remoteAddr":"10.124.130.39","app":"core","message":"Login failed: 'jgang' (Remote IP: '10.124.130.39', X-Forwarded-For: '')","level":2,"time":"2015-07-24T05:59:12+00:00","method":"POST","url":"\/"}
{"reqId":"30b4e90723091cdf4a527c18898a36f1","remoteAddr":"10.124.130.39","app":"mail","message":"Mail from ownCloud (ITAdvisory@philcare.com.ph) to: jgang(Jonathan.Ang@philcare.com.ph) subject: ownCloud password reset","level":0,"time":"2015-07-24T05:59:15+00:00","method":"POST","url":"\/index.php\/lostpassword\/email"}
{"reqId":"f572ea2ae85f1c67278441f37512d4d6","remoteAddr":"10.124.130.39","app":"core","message":"Login failed: 'jgang' (Remote IP: '10.124.130.39', X-Forwarded-For: '')","level":2,"time":"2015-07-24T05:59:23+00:00","method":"POST","url":"\/"}
{"reqId":"cd8e00a4dae840ba20619d1baa34ea46","remoteAddr":"10.124.130.39","app":"user_ldap","message":"No DN found for  on 172.16.108.5","level":0,"time":"2015-07-24T06:16:03+00:00","method":"GET","url":"\/index.php\/lostpassword\/reset\/form\/vgpQvPT8MLALiw3o5tOZx\/jgang"}
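
A way to triage a log like the one above, as an added example that is not part of the original report or of ownCloud's code: it parses the JSON lines, skips lines that do not parse, and reports failed logins, password-reset mails, `No DN found` lookups logged with an empty name, and users whose login still failed after a reset mail was sent. The sample lines, host names and user names are constructed, and the message patterns are assumed to match the wording shown in the log above.

```python
import json
import re
from collections import Counter
from datetime import datetime

# Constructed sample in the JSON-lines format of the log above (not the reporter's data).
# The first line is deliberately cut off to exercise the skip path.
SAMPLE_LOG = r'''
":"r0","remoteAddr":"192.0.2.10","app":"user_ldap","message":"Ready for a paged search","level":0,"time":"2015-07-24T05:59:00+00:00","method":"GET","url":"\/index.php\/settings\/users"}
{"reqId":"r1","remoteAddr":"192.0.2.10","app":"user_ldap","message":"No DN found for  on ldap.example.test","level":0,"time":"2015-07-24T05:59:02+00:00","method":"GET","url":"\/index.php\/core\/js\/oc.js"}
{"reqId":"r2","remoteAddr":"192.0.2.10","app":"core","message":"Login failed: 'alice' (Remote IP: '192.0.2.10', X-Forwarded-For: '')","level":2,"time":"2015-07-24T05:59:12+00:00","method":"POST","url":"\/"}
{"reqId":"r3","remoteAddr":"192.0.2.10","app":"mail","message":"Mail from ownCloud (noreply@example.test) to: alice(alice@example.test) subject: ownCloud password reset","level":0,"time":"2015-07-24T05:59:15+00:00","method":"POST","url":"\/index.php\/lostpassword\/email"}
{"reqId":"r4","remoteAddr":"192.0.2.10","app":"core","message":"Login failed: 'alice' (Remote IP: '192.0.2.10', X-Forwarded-For: '')","level":2,"time":"2015-07-24T05:59:23+00:00","method":"POST","url":"\/"}
{"reqId":"r5","remoteAddr":"192.0.2.11","app":"core","message":"Login failed: 'bob' (Remote IP: '192.0.2.11', X-Forwarded-For: '')","level":2,"time":"2015-07-24T06:01:00+00:00","method":"POST","url":"\/"}
'''

# Patterns modelled on the message wording visible in the log above (assumption:
# other ownCloud versions may word these messages differently).
LOGIN_FAILED = re.compile(r"^Login failed: '(?P<user>[^']*)' \(Remote IP: '(?P<ip>[^']*)'")
NO_DN = re.compile(r"^No DN found for (?P<name>.*?) on (?P<host>\S+)$")
RESET_MAIL = re.compile(r"^Mail from .* to: (?P<user>[^(\s]+)\([^)]*\) subject: .*password reset$")


def parse_log(text):
    """Return (entries, skipped): parsed log objects and the count of unusable lines."""
    entries, skipped = [], 0
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            entry = json.loads(line)
            # Keep the parsed timestamp so events can be ordered reliably.
            entry["_ts"] = datetime.fromisoformat(entry["time"])
        except (ValueError, KeyError, TypeError):
            skipped += 1  # truncated line, non-object JSON, or missing/bad time
            continue
        entries.append(entry)
    return entries, skipped


def triage(text):
    """Summarise login failures, reset mails and empty-name LDAP lookups."""
    entries, skipped = parse_log(text)
    entries.sort(key=lambda e: e["_ts"])

    failed, reset_mails = Counter(), Counter()
    reset_sent, fail_after_reset, empty_dn = set(), set(), []

    for e in entries:
        msg, app = str(e.get("message", "")), e.get("app")

        m = LOGIN_FAILED.match(msg) if app == "core" else None
        if m:
            user = m.group("user")
            failed[user] += 1
            if user in reset_sent:
                # The reset flow ran, yet the login still fails afterwards.
                fail_after_reset.add(user)
            continue

        m = RESET_MAIL.match(msg) if app == "mail" else None
        if m:
            reset_mails[m.group("user")] += 1
            reset_sent.add(m.group("user"))
            continue

        m = NO_DN.match(msg) if app == "user_ldap" else None
        if m and m.group("name").strip() == "":
            # Lookup was logged without any login name, as in the log above.
            empty_dn.append((e["time"], m.group("host")))

    return {
        "skipped": skipped,
        "failed_logins": dict(failed),
        "reset_mails": dict(reset_mails),
        "fail_after_reset": sorted(fail_after_reset),
        "empty_dn_lookups": empty_dn,
    }


if __name__ == "__main__":
    print(json.dumps(triage(SAMPLE_LOG), indent=2))
```
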

PhilHealthCare commented 9 years ago

any ideas @blizzz?

blizzz commented 8 years ago

Is the issue still around?

PhilHealthCare commented 8 years ago

Yes

blizzz commented 8 years ago

Oh, wait, maybe it's a classic. Is the displayname attribute for your users set? If not, change the display name attribute (advanced tab) to cn, for instance.

PVince81 commented 7 years ago

Closing due to lack of feedback. Please check the displayname attribute and try with 9.0.5 or 9.1.1
