LDAP error in 14.0.4 after changing lost password link behaviour (Bind failed: 50: Insufficient access)

nc14

#1

Hi guys,

I updated my NC yesterday to the latest version (14.0.3 -> 14.0.4) and am encountering a small issue.

I am using a LDAP connection and pull all my user from the LDAP server, so they can login with their username and LDAP password. Since we have the issue in the current releases, that we really cannot hide the “Lost password” link, I amended the LoginController.php to my needs, so I can hide the “Lost password” link.

After the current update (14.0.4) I had to change these lines again, as it has been overwritten by the update (no big deal) but now when a user enters a wrong password, they get greated by an internal server error message, where as with the previous version, they only got a “Wrong password” message.

What have I done?

I amended this file: core/Controller/LoginController.php (https://github.com/nextcloud/server/commit/b776c3b89f4d772c9ed478acd0d998c0cda52971)

Now I added the following to: config/config.php

'lost_password_link' => 'disabled',

Error message the user is getting when mistyping their password:

## Internal Server Error

The server was unable to complete your request.

If this happens again, please send the technical details below to the server administrator.

More details can be found in the server log.

### Technical details

* Remote Address: xx.xx.xx.xx
* Request ID: W-0bdS5Mv45pC6N835-9WAAAAAc

Checking the server log file, I find this:

Error	index	OC\ServerNotAvailableException: Connection to LDAP server could not be established	2018-11-27T11:03:28+0100
Error	user_ldap	No LDAP Connection to server MYLDAPSERVER	2018-11-27T11:03:28+0100
Warning	user_ldap	Bind failed: 50: Insufficient access	2018-11-27T11:03:28+0100

But as soon as we enter the correct password, it is working fine. I am 100% sure that it has nothing to do with our LDAP server, because the LDAP server is running fine, it must be something in NC triggering this message after changing the “Lost password” link behaviour.

I know that my change is not commited yet but this could cause some trouble if it is being commited and released in the future!