(LDAP) Max login failed reached for user

Infos:

• Used Zammad version: 4.1.0-1630433533.db312693.focal
• Used Zammad installation type: deb
• Operating system: Ubuntu 20
• Browser + version: any

Expected behavior:

• Login via LDAP possible

Actual behavior:

• Unable to login with LDAP users:

I, [2021-09-23T14:09:05.000331 #879315-70050590181800]  INFO -- : Started POST "/api/v1/signin" for 192.168.1.166 at 2021-09-23 14:09:05 +0200
I, [2021-09-23T14:09:05.006739 #879315-70050590181800]  INFO -- : Processing by SessionsController#create as JSON
I, [2021-09-23T14:09:05.006815 #879315-70050590181800]  INFO -- :   Parameters: {"username"=>"name.surname", "password"=>"[FILTERED]", "fingerprint"=>
"1877712558"}
I, [2021-09-23T14:09:05.008653 #879315-70050590181800]  INFO -- : Max login failed reached for user name.surname.
I, [2021-09-23T14:09:05.008801 #879315-70050590181800]  INFO -- : Login failed. Have you double-checked your credentials and completed the email verific
ation step? (Exceptions::NotAuthorized)
/opt/zammad/app/controllers/application_controller/authenticates.rb:175:in `raise_unified_login_error'
/opt/zammad/app/controllers/application_controller/authenticates.rb:149:in `authenticate_with_password'
/opt/zammad/app/controllers/sessions_controller.rb:10:in `create'
/opt/zammad/vendor/bundle/ruby/2.6.0/gems/actionpack-5.2.4.6/lib/action_controller/metal/basic_implicit_render.rb:6:in `send_action'
/opt/zammad/vendor/bundle/ruby/2.6.0/gems/actionpack-5.2.4.6/lib/abstract_controller/base.rb:194:in `process_action'
/opt/zammad/vendor/bundle/ruby/2.6.0/gems/actionpack-5.2.4.6/lib/action_controller/metal/rendering.rb:30:in `process_action'
/opt/zammad/vendor/bundle/ruby/2.6.0/gems/actionpack-5.2.4.6/lib/abstract_controller/callbacks.rb:42:in `block in process_action'
/opt/zammad/vendor/bundle/ruby/2.6.0/gems/activesupport-5.2.4.6/lib/active_support/callbacks.rb:109:in `block in run_callbacks'
/opt/zammad/app/controllers/application_controller/has_secure_content_security_policy_for_downloads.rb:18:in `block (4 levels) in <module:HasSecureConte
ntSecurityPolicyForDownloads>'
/opt/zammad/vendor/bundle/ruby/2.6.0/gems/activesupport-5.2.4.6/lib/active_support/notifications.rb:180:in `subscribed'
/opt/zammad/app/controllers/application_controller/has_secure_content_security_policy_for_downloads.rb:17:in `block (3 levels) in <module:HasSecureConte
ntSecurityPolicyForDownloads>'
/opt/zammad/vendor/bundle/ruby/2.6.0/gems/activesupport-5.2.4.6/lib/active_support/notifications.rb:180:in `subscribed'
/opt/zammad/app/controllers/application_controller/has_secure_content_security_policy_for_downloads.rb:16:in `block (2 levels) in <module:HasSecureConte
ntSecurityPolicyForDownloads>'

Steps to reproduce the behavior:

• Configure LDAP against Samba Active Directory server
• Login using LDAP user

The LDAP configuration is correct, LDAP sync completes without errors and shows users.

Something weird is going on with all LDAP users. Apparently every time a LDAP sync is run permissions are lost.

Also in the activity bar I see no user name, while they are present in the user list.

This is an OTRS import, I don’t know if it can matter.

immagine273×627 38.6 KB

This was (apparently) fixed with proper roles in LDAP configuration.

I’ll probably have to do something similar soon.
care to share what you did?

This topic was automatically closed 120 days after the last reply. New replies are no longer allowed.