New users are not created from LDAP

ldap
nc13
#1

Nextcloud version (eg, 12.0.2): 13.1
Operating system and version (eg, Ubuntu 17.04): CentOS Linux release 7.4.1708 (Core)
Apache or nginx version (eg, Apache 2.4.25): Apache/2.4.6 (CentOS)
PHP version (eg, 7.1): PHP 7.1.16

The issue you are facing:
We’ve migrated from ownCloud three weeks ago.
Today we found that new users are not appearing in NextCloud and unable to authenticate.
Old users that were created before migration work fine.

Is this the first time you’ve seen this error? (Y/N): Yes

Steps to replicate it:

  1. Migrate from ownCloud

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

<?php
$CONFIG = array (
  'onlyoffice' => 
  array (
    'verify_peer_off' => true,
  ),
  'instanceid' => '',
  'passwordsalt' => '',
  'secret' => '',
  'trusted_domains' => 
  array (
    0 => '',
    1 => '',
    2 => '',
  ),
  'datadirectory' => '/opt/cloud/data/',
  'overwrite.cli.url' => 'http://',
  'dbtype' => 'mysql',
  'version' => '13.0.1.1',
  'installed' => true,
  'trashbin_retention_obligation' => 60,
  0 => 90,
  'mail_smtpmode' => 'smtp',
  'mail_from_address' => 'itservice',
  'mail_domain' => '',
  'mail_smtphost' => '',
  'mail_smtpport' => '465',
  'mail_smtpauthtype' => 'LOGIN',
  'loglevel' => 1,
  'mail_smtpsecure' => 'ssl',
  'forcessl' => false,
  'forceSSLforSubdomains' => true,
  'ldapIgnoreNamingRules' => false,
  'theme' => '',
  'maintenance' => false,
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'filelocking.enabled' => 'true',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'redis' => 
  array (
    'host' => 'localhost',
    'port' => 6379,
    'timeout' => 0,
    'password' => '',
  ),
  'mail_smtpauth' => 1,
  'mail_smtpname' => '',
  'mail_smtppassword' => '',
  'dbname' => 'owncloud',
  'dbhost' => '127.0.0.1',
  'dbuser' => 'apache',
  'dbpassword' => '',
  'logtimezone' => 'Europe/Moscow',
  'log_rotate_size' => 104857600,
  'htaccess.RewriteBase' => '/',
  'user_backends' => 
  array (
    0 => 
    array (
      'class' => 'OCA\\ZimbraDrive\\Auth\\ZimbraUsersBackend',
      'arguments' => 
      array (
      ),
    ),
  ),
  'appstore.experimental.enabled' => true,
  'ldapProviderFactory' => '\\OCA\\User_LDAP\\LDAPProviderFactory',
);

The output of your Apache/nginx/system log in /var/log/____:


0 Likes

#2

We fixed it by disabling empty $name check in apps/user_ldap/lib/access.php

//if($name === '') {

// throw new \InvalidArgumentException('provided name template for username does not contain any allowed characters');

//}

Perhaps it’s related to cyrylic character or encoding conversion.

1 Like

#3

I have the same issue. NC Release is 13.0.2. Ldap is Active Directory.
Strange thing: “Initial Imported Users work” but when i create a new user in active directory, i get the same issue like Alex_Podosenin.
I don’t touched the working config, so how can i ensure the right encoding or something

	InvalidArgumentException: provided name template for username does not contain any allowed characters
/var/www/html/nextcloud/apps/user_ldap/lib/Access.php - line 585: OCA\User_LDAP\Access->sanitizeUsername('')
/var/www/html/nextcloud/apps/user_ldap/lib/Access.php - line 523: OCA\User_LDAP\Access->dn2ocname('cn=xxx...', 'XXX...', true)
/var/www/html/nextcloud/apps/user_ldap/lib/User/Manager.php - line 258: OCA\User_LDAP\Access->dn2username('cn=...')
/var/www/html/nextcloud/apps/user_ldap/lib/User_LDAP.php - line 190: OCA\User_LDAP\User\Manager->get('cn=...')
[internal function] OCA\User_LDAP\User_LDAP->checkPassword(*** sensitive parameters replaced ***)
/var/www/html/nextcloud/apps/user_ldap/lib/User_Proxy.php - line 81: call_user_func_array(Array, Array)
/var/www/html/nextcloud/apps/user_ldap/lib/Proxy.php - line 152: OCA\User_LDAP\User_Proxy->walkBackends('xxx', 'checkPassword', Array)
/var/www/html/nextcloud/apps/user_ldap/lib/User_Proxy.php - line 196: OCA\User_LDAP\Proxy->handleRequest('xxx', 'checkPassword', Array)
/var/www/html/nextcloud/lib/private/User/Manager.php - line 204: OCA\User_LDAP\User_Proxy->checkPassword(*** sensitive parameters replaced ***)
/var/www/html/nextcloud/core/Controller/LoginController.php - line 254: OC\User\Manager->checkPasswordNoLogging(*** sensitive parameters replaced ***)
[internal function] OC\Core\Controller\LoginController->tryLogin(*** sensitive parameters replaced ***)
/var/www/html/nextcloud/lib/private/AppFramework/Http/Dispatcher.php - line 161: call_user_func_array(Array, Array)
/var/www/html/nextcloud/lib/private/AppFramework/Http/Dispatcher.php - line 91: OC\AppFramework\Http\Dispatcher->executeController(Object(OC\Core\Controller\LoginController), 'tryLogin')
/var/www/html/nextcloud/lib/private/AppFramework/App.php - line 115: OC\AppFramework\Http\Dispatcher->dispatch(Object(OC\Core\Controller\LoginController), 'tryLogin')
/var/www/html/nextcloud/lib/private/AppFramework/Routing/RouteActionHandler.php - line 47: OC\AppFramework\App main('OC\\Core\\Control...', 'tryLogin', Object(OC\AppFramework\DependencyInjection\DIContainer), Array)
[internal function] OC\AppFramework\Routing\RouteActionHandler->__invoke(Array)
/var/www/html/nextcloud/lib/private/Route/Router.php - line 297: call_user_func(Object(OC\AppFramework\Routing\RouteActionHandler), Array)
/var/www/html/nextcloud/lib/base.php - line 999: OC\Route\Router->match('/login')
/var/www/html/nextcloud/index.php - line 37: OC handleRequest()
{main}
0 Likes

#4

That solves my bug with the Version 15 branch.

Not sure why, cause name only includes latin1 chars. Name is fine filled and shown, so it can’t equals ‘’…

0 Likes

#5

Same Bug with 14.X (preconfigured ucs).

Seems also


had the same problems. Also the group sync isn’t working anymore. Even the ldap config counts everything fine and said everything is fine.

0 Likes