Invalid Credentials: 49 error when user restricted to log into domain controller

ℹ️ Support
,
1
Support intro

Sorry to hear you’re facing problems :slightly_frowning_face:

help.nextcloud.com is for home/non-enterprise users. If you’re running a business, paid support can be accessed via portal.nextcloud.com where we can ensure your business keeps running smoothly.

In order to help you as quickly as possible, before clicking Create Topic please provide as much of the below as you can. Feel free to use a pastebin service for logs, otherwise either indent short log examples with four spaces:

example

Or for longer, use three backticks above and below the code snippet:

Hey,

LDAP users can log into nextcloud webapp ONLY when theyre allowed to logon into domain controller whis is insecure.  Is there any workaround for this?

Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can :heart:

Nextcloud version (eg, 20.0.5): 28.03
Operating system and version (eg, Ubuntu 20.04): Ubuntu 22.04
Apache or nginx version (eg, Apache 2.4.25): 2.4.59
PHP version (eg, 7.4): 8.1

The issue you are facing:

LDAP users can’t log into nextclou wbapp if they’re denied from domain controller login

Is this the first time you’ve seen this error? (Y/N): N

Steps to replicate it:

  1. Try to log in with LDAP login and password via webapp
  2. App says credentials are incorrect (which obviously is false, credentials works after adding domain controller logon)

The output of your Nextcloud log in Admin > Logging:

{
  "reqId": "iUwk76R9w3XqRGmmd9nB",
  "level": 2,
  "time": "2024-04-05T08:14:33+00:00",
  "remoteAddr": "xxxxxxxxxxx",
  "user": "xxxxxx",
  "app": "no app in context",
  "method": "POST",
  "url": "xxxx",
  "message": "Login failed: itest Remote IP: xxxxxxxxx,
  "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0",
  "version": "28.0.3.2",
  "data": [],
  "id": "661639a137937"
}

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

PASTE HERE

The output of your Apache/nginx/system log in /var/log/____:

PASTE HERE

PASTE HERE


Output errors in nextcloud.log in /var/www/ or as admin user in top right menu, filtering for errors. Use a pastebin service if necessary.

PASTE HERE
{
  "reqId": "pX9zWqJ1TTXGOpubdnHi",
  "level": 2,
  "time": "2024-04-05T08:19:02+00:00",
  "remoteAddr:xxxxxx,
  "user": "--",
  "app": "user_ldap",
  "method": "POST",
  "url": "/index.php/login",
  "message": "Bind failed: 49: Invalid credentials",
  "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0",
  "version": "28.0.3.2",
  "data": {
    "app": "user_ldap"
  },
  "id": "661639a137918"
}