server
server copied to clipboard
nextcloud
[Bug]: after changing ldap password in AD user still logged in, but data not stored...
⚠️ This issue respects the following points: ⚠️
- [X] This is a bug, not a question or a configuration/webserver/proxy issue.
- [X] This issue is not already reported on Github (I've searched it).
- [X] Nextcloud Server is up to date. See Maintenance and Release Schedule for supported versions.
- [X] Nextcloud Server is running on 64bit capable CPU, PHP and OS.
- [X] I agree to follow Nextcloud's Code of Conduct.
Bug description
User is logged in to Nextcloud. After changing password in AD the login in the browser still exists. Doing anything in nextcloud brings up "internal server error". In some parts like in Deck, no error message appears. Frontend seems to work, but data is not stored. After the error message is displayed, the user uses "back" in the browser, then user can do the next action and will get the error again. Logging out the user from frontend would be better at this point.
Log-entry below, IP address and user-id changed for privacy reasons. Log is from producitve NC 24, but same problem in our test environment with NC 25.
Steps to reproduce
- log in to nextcloud in browser
- change AD passwort in Windows
- do things in Nextcloud like upload files, create documents.... -> error message
Expected behavior
Logout user when stored credentials are wrong. Prevents error message for user and solves this problem.
Installation method
Community Manual installation with Archive
Operating system
Debian/Ubuntu
PHP engine version
PHP 8.1
Web server
Apache (supported)
Database engine version
MariaDB
Is this bug present after an update or on a fresh install?
None
Are you using the Nextcloud Server Encryption module?
Encryption is Disabled
What user-backends are you using?
- [ ] Default user-backend (database)
- [X] LDAP/ Active Directory
- [ ] SSO - SAML
- [ ] Other
Configuration report
{
"system": {
"instanceid": "***REMOVED SENSITIVE VALUE***",
"passwordsalt": "***REMOVED SENSITIVE VALUE***",
"secret": "***REMOVED SENSITIVE VALUE***",
"trusted_domains": [
"localhost",
"****",
"****fqdn****"
],
"datadirectory": "***REMOVED SENSITIVE VALUE***",
"overwrite.cli.url": "https:\/\/******changed******\/nextcloud",
"dbtype": "mysql",
"version": "24.0.8.2",
"dbname": "***REMOVED SENSITIVE VALUE***",
"dbhost": "***REMOVED SENSITIVE VALUE***",
"dbport": "",
"dbtableprefix": "oc_",
"mysql.utf8mb4": true,
"dbuser": "***REMOVED SENSITIVE VALUE***",
"activity_expire_days": 21,
"trashbin_retention_obligation": "14, 14",
"proxy": "XX.XX.XXX.XXX:8080" ***changed for privacy reason****,
"proxyexclude": [
".r1660.ads.fiducia.de"
],
"dbpassword": "***REMOVED SENSITIVE VALUE***",
"installed": true,
"theme": "",
"default_language": "de_DE",
"default_locale": "de_DE",
"loglevel": 2,
"maintenance": false,
"debug": false,
"updater.release.channel": "stable",
"mail_from_address": "***REMOVED SENSITIVE VALUE***",
"mail_smtpmode": "smtp",
"mail_sendmailmode": "smtp",
"mail_domain": "***REMOVED SENSITIVE VALUE***",
"mail_smtphost": "***REMOVED SENSITIVE VALUE***",
"mail_smtpport": "25",
"default_phone_region": "DE",
"lost_password_link": "disabled",
"memcache.local": "\\OC\\Memcache\\APCu",
"ldapIgnoreNamingRules": false,
"ldapProviderFactory": "OCA\\User_LDAP\\LDAPProviderFactory",
"allow_local_remote_servers": true,
"auth.bruteforce.protection.enabled": true,
"onlyoffice": {
"verify_peer_off": true
},
"app_install_overwrite": [
"files_mindmap",
"whiteboard"
]
}
}
List of activated Apps
Enabled:
- accessibility: 1.10.0
- activity: 2.16.0
- bbb: 2.4.0
- cloud_federation_api: 1.7.0
- comments: 1.14.0
- dashboard: 7.4.0
- dav: 1.22.0
- deck: 1.7.1
- drawio: 2.1.0
- external: 4.0.1
- federatedfilesharing: 1.14.0
- files: 1.19.0
- files_accesscontrol: 1.14.1
- files_mindmap: 0.0.27
- files_pdfviewer: 2.5.0
- files_rightclick: 1.3.0
- files_sharing: 1.16.2
- files_trashbin: 1.14.0
- files_versions: 1.17.0
- files_videoplayer: 1.13.0
- firstrunwizard: 2.13.0
- forms: 2.5.2
- impersonate: 1.11.1
- integration_zammad: 1.1.1
- logreader: 2.9.0
- lookup_server_connector: 1.12.0
- nextcloud_announcements: 1.13.0
- notifications: 2.12.1
- oauth2: 1.12.0
- password_policy: 1.14.0
- passwords: 2022.12.21
- photos: 1.6.0
- polls: 3.8.4
- privacy: 1.8.0
- provisioning_api: 1.14.0
- quicknotes: 0.8.1
- recommendations: 1.3.0
- richdocuments: 6.3.4
- richdocumentscode: 22.5.802
- riotchat: 0.14.1
- serverinfo: 1.14.0
- settings: 1.6.0
- spreed: 14.0.9
- support: 1.7.0
- systemtags: 1.14.0
- tasks: 0.14.5
- text: 3.5.1
- theming: 1.15.0
- twofactor_backupcodes: 1.13.0
- updatenotification: 1.14.0
- user_ldap: 1.14.1
- user_status: 1.4.0
- video_converter: 1.0.5
- viewer: 1.8.0
- whiteboard: 0.0.3
- workflowengine: 2.6.0
Disabled:
- admin_audit
- circles: 22.1.0
- contactsinteraction: 1.1.0
- encryption
- federation: 1.3.0
- files_external
- groupfolders: 12.0.3
- sharebymail: 1.10.0
- survey_client: 1.8.0
- theming_customcss: 1.12.0
- weather_status: 1.0.0
Nextcloud Signing status
No response
Nextcloud Logs
{"reqId":"qqWGAunRmzgqxWyyQLho","level":2,"time":"2023-03-22T10:27:49+00:00","remoteAddr":"192.168.178.20","user":"430BXXXX-XXXX-XXXX-XXXX-1353BB23XXXX_1897","app":"user_ldap","method":"GET","url":"/nextcloud/index.php/settings/user","message":"Bind failed: 49: Invalid credentials","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.46","version":"24.0.8.2","data":{"app":"user_ldap"}}
{"reqId":"qqWGAunRmzgqxWyyQLho","level":2,"time":"2023-03-22T10:27:49+00:00","remoteAddr":"192.168.178.20","user":"430BXXXX-XXXX-XXXX-XXXX-1353BB23XXXX_1897","app":"user_ldap","method":"GET","url":"/nextcloud/index.php/settings/user","message":"Bind failed: 49: Invalid credentials","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.46","version":"24.0.8.2","data":{"app":"user_ldap"}}
{"reqId":"qqWGAunRmzgqxWyyQLho","level":2,"time":"2023-03-22T10:27:49+00:00","remoteAddr":"192.168.178.20","user":"430BXXXX-XXXX-XXXX-XXXX-1353BB23XXXX_1897","app":"passwords","method":"GET","url":"/nextcloud/index.php/settings/user","message":"Login attempt with invalid session for 430BXXXX-XXXX-XXXX-XXXX-1353BB23XXXX_1897","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.46","version":"24.0.8.2","data":{"app":"passwords"}}
{"reqId":"qqWGAunRmzgqxWyyQLho","level":3,"time":"2023-03-22T10:27:49+00:00","remoteAddr":"192.168.178.20","user":"430BXXXX-XXXX-XXXX-XXXX-1353BB23XXXX_1897","app":"index","method":"GET","url":"/nextcloud/index.php/settings/user","message":"Unable to verify user 430BXXXX-XXXX-XXXX-XXXX-1353BB23XXXX_1897","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.46","version":"24.0.8.2","exception":{"Exception":"Exception","Message":"Unable to verify user 430BXXXX-XXXX-XXXX-XXXX-1353BB23XXXX_1897","Code":0,"Trace":[{"file":"/var/www/nextcloud/apps/passwords/lib/Services/EnvironmentService.php","line":359,"function":"loadUserInformation","class":"OCA\\Passwords\\Services\\EnvironmentService","type":"->"},{"file":"/var/www/nextcloud/apps/passwords/lib/Services/EnvironmentService.php","line":185,"function":"determineAppMode","class":"OCA\\Passwords\\Services\\EnvironmentService","type":"->"},{"function":"__construct","class":"OCA\\Passwords\\Services\\EnvironmentService","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php","line":108,"function":"newInstanceArgs","class":"ReflectionClass","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php","line":116,"function":"buildClass","class":"OC\\AppFramework\\Utility\\SimpleContainer","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php","line":133,"function":"resolve","class":"OC\\AppFramework\\Utility\\SimpleContainer","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/DependencyInjection/DIContainer.php","line":465,"function":"query","class":"OC\\AppFramework\\Utility\\SimpleContainer","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/DependencyInjection/DIContainer.php","line":437,"function":"queryNoFallback","class":"OC\\AppFramework\\DependencyInjection\\DIContainer","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php","line":89,"function":"query","class":"OC\\AppFramework\\DependencyInjection\\DIContainer","type":"->"},{"function":"OC\\AppFramework\\Utility\\{closure}","class":"OC\\AppFramework\\Utility\\SimpleContainer","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php","line":108,"function":"array_map"},{"file":"/var/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php","line":116,"function":"buildClass","class":"OC\\AppFramework\\Utility\\SimpleContainer","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php","line":133,"function":"resolve","class":"OC\\AppFramework\\Utility\\SimpleContainer","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/DependencyInjection/DIContainer.php","line":465,"function":"query","class":"OC\\AppFramework\\Utility\\SimpleContainer","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/DependencyInjection/DIContainer.php","line":437,"function":"queryNoFallback","class":"OC\\AppFramework\\DependencyInjection\\DIContainer","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php","line":89,"function":"query","class":"OC\\AppFramework\\DependencyInjection\\DIContainer","type":"->"},{"function":"OC\\AppFramework\\Utility\\{closure}","class":"OC\\AppFramework\\Utility\\SimpleContainer","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php","line":108,"function":"array_map"},{"file":"/var/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php","line":116,"function":"buildClass","class":"OC\\AppFramework\\Utility\\SimpleContainer","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php","line":133,"function":"resolve","class":"OC\\AppFramework\\Utility\\SimpleContainer","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/DependencyInjection/DIContainer.php","line":465,"function":"query","class":"OC\\AppFramework\\Utility\\SimpleContainer","type":"->"},{"file":"/var/www/nextcloud/lib/private/ServerContainer.php","line":145,"function":"queryNoFallback","class":"OC\\AppFramework\\DependencyInjection\\DIContainer","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php","line":57,"function":"query","class":"OC\\ServerContainer","type":"->"},{"file":"/var/www/nextcloud/lib/private/Settings/Manager.php","line":199,"function":"get","class":"OC\\AppFramework\\Utility\\SimpleContainer","type":"->"},{"file":"/var/www/nextcloud/lib/private/Settings/Manager.php","line":357,"function":"getSettings","class":"OC\\Settings\\Manager","type":"->"},{"file":"/var/www/nextcloud/apps/settings/lib/Controller/CommonSettingsTrait.php","line":82,"function":"getAllowedAdminSettings","class":"OC\\Settings\\Manager","type":"->"},{"file":"/var/www/nextcloud/apps/settings/lib/Controller/CommonSettingsTrait.php","line":115,"function":"formatSections","class":"OCA\\Settings\\Controller\\PersonalSettingsController","type":"->"},{"file":"/var/www/nextcloud/apps/settings/lib/Controller/CommonSettingsTrait.php","line":67,"function":"formatAdminSections","class":"OCA\\Settings\\Controller\\PersonalSettingsController","type":"->"},{"file":"/var/www/nextcloud/apps/settings/lib/Controller/CommonSettingsTrait.php","line":139,"function":"getNavigationParameters","class":"OCA\\Settings\\Controller\\PersonalSettingsController","type":"->"},{"file":"/var/www/nextcloud/apps/settings/lib/Controller/PersonalSettingsController.php","line":64,"function":"getIndexResponse","class":"OCA\\Settings\\Controller\\PersonalSettingsController","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php","line":225,"function":"index","class":"OCA\\Settings\\Controller\\PersonalSettingsController","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php","line":133,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/App.php","line":172,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/var/www/nextcloud/lib/private/Route/Router.php","line":298,"function":"main","class":"OC\\AppFramework\\App","type":"::"},{"file":"/var/www/nextcloud/lib/base.php","line":1030,"function":"match","class":"OC\\Route\\Router","type":"->"},{"file":"/var/www/nextcloud/index.php","line":36,"function":"handleRequest","class":"OC","type":"::"}],"File":"/var/www/nextcloud/apps/passwords/lib/Services/EnvironmentService.php","Line":396,"CustomMessage":"--"}}
Additional info
No response
Hi, please update to 25.0.7 or better 26.0.2 and report back if it fixes the issue. Thank you!
My goal is to add a label like e.g. 26-feedback to this ticket of an up-to-date major Nextcloud version where the bug could be reproduced. However this is not going to work without your help. So thanks for all your effort!
If you don't manage to reproduce the issue in time and the issue gets closed but you can reproduce the issue afterwards, feel free to create a new bug report with up-to-date information by following this link: https://github.com/nextcloud/server/issues/new?assignees=&labels=bug%2C0.+Needs+triage&template=BUG_REPORT.yml&title=%5BBug%5D%3A+
This issue has been automatically marked as stale because it has not had recent activity and seems to be missing some essential information. It will be closed if no further activity occurs. Thank you for your contributions.
