Associate LDAP and SAML users doesn't work anymore

Infos:

  • Used Zammad version: 6.0.0-1691139038.c2b281b3.focal
  • Used Zammad installation type: ubuntu repo
  • Operating system: ubuntu focal
  • Browser + version: chrome on windows 11

Expected behavior:

All users which exist in LDAP should be automatically associated with SSO users logging in via SAML if they have the same email.

Actual behavior:

Only users which already logged in using SSO months before get associated with their LDAP user when logging in to Zammad using SSO.

Steps to reproduce the behavior:

my LDAP-settings:
(mailprimaryaddress and email is the same value in my LDAP)

givenname → firstname
sn → lastname
mailprimaryaddress → login
telephonenumber → phone
mail → email

my SAML setting:
NAME IDENTIFIER FORMAT
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
UID ATTRIBUTE NAME
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress

Login using SAML → Results in new user with their email-address and a number like “2” after the email.

@MrGeneration maybe you can check this?

Hi @letmesetupthis. Not sure if it’s related, but did you check the setting 'auth_third_party_auto_link_at_inital_login'?

@fliebe92
hey there
yes, that’s already activated. sadly it still doesn’t work anymore.

I need to see if I can test this somehow. But this will take some time.

I could give you access to my Setup remotely. If I can share it via E-Mail.

This will not help because I cannot debug there etc. :slight_smile: