Description
Steps to reproduce
- Open Nextcloud web portal with the desired browser.
- Enter as user login the e-mail address of a LDAP user and the corresponding password.
- Login is successful.
Expected behaviour
Login should not work, because when I check the user login within the LDAP settings of Nextcloud administration, I get the response that the user was not found.
Actual behaviour
When I check the user login within the Nextcloud administration (http://nextcloud-test.test.de/index.php/settings/admin/ldap), I get the following response:
"User not found. Please check your login attributes and username. Effective filter (to copy-and-paste for command line validation):
(&(&(objectclass=inetOrgPerson)(mail=*)(!(mail=*@domain1.de))(!(mail=*@domain2.de)))(uid=groupware-test1@test.de))"
The userid of this user is "gtest1".
The following LDAP filter will be used to find the users:
(&(&(objectclass=inetOrgPerson)(mail=*)(!(mail=*@domain1.de))(!(mail=*@domain2.de)))(uid=%uid))
So there is an inconsistency between this check and the login mechanism.
Additional information
I already wrote an issue because of a problem with capital letters and Outlook (#5154), therefore I checked this here again: As soon as the e-mail address contains a capital letter, the login also fails. A login with capital letters within the userid works fine.
Server configuration
Operating system: Ubuntu 16.04.2 LTS
Web server: Apache/2.4.18
Database: sqlite3, Version: 3.11.0
PHP version: 7.0.15
Nextcloud version: 12.0
Updated from an older Nextcloud/ownCloud or fresh install: First install was a 12 beta, which was upgraded to the current version last week.
Where did you install Nextcloud from:
Signing status:
No errors have been found.
List of activated apps:
Enabled:
  - activity: 2.5.2
  - bruteforcesettings: 1.0.2
  - calendar: 1.5.3
  - comments: 1.2.0
  - contacts: 1.5.3
  - dav: 1.3.0
  - federatedfilesharing: 1.2.0
  - files: 1.7.2
  - files_pdfviewer: 1.1.1
  - files_sharing: 1.4.0
  - files_texteditor: 2.4.1
  - files_trashbin: 1.2.0
  - files_versions: 1.5.0
  - files_videoplayer: 1.1.0
  - firstrunwizard: 2.1
  - gallery: 17.0.0
  - logreader: 2.0.0
  - lookup_server_connector: 1.0.0
  - nextcloud_announcements: 1.1
  - notifications: 2.0.0
  - oauth2: 1.0.5
  - password_policy: 1.2.2
  - provisioning_api: 1.2.0
  - serverinfo: 1.2.0
  - sharebymail: 1.2.0
  - survey_client: 1.0.0
  - systemtags: 1.2.0
  - theming: 1.3.0
  - twofactor_backupcodes: 1.1.1
  - updatenotification: 1.2.0
  - user_ldap: 1.2.1
  - workflowengine: 1.2.0
Disabled:
  - admin_audit
  - encryption
  - federation
  - files_external
  - spreed
  - user_external
Nextcloud configuration:
{
    "system": {
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "nextcloud-test.test.de"
        ],
        "datadirectory": "\/nextcloud-data",
        "overwrite.cli.url": "http:\/\/nextcloud-test.test.de",
        "dbtype": "sqlite3",
        "version": "12.0.0.29",
        "dbname": "nextcloud",
        "dbhost": "127.0.0.1",
        "dbport": "",
        "dbtableprefix": "oc_",
        "instanceid": "och55ujpywqp",
        "logtimezone": "UTC",
        "installed": true,
        "ldapIgnoreNamingRules": false,
        "ldapProviderFactory": "\\OCA\\User_LDAP\\LDAPProviderFactory",
        "loglevel": 2,
        "maintenance": false,
        "updater.release.channel": "stable",
        "mail_from_address": "no-reply",
        "mail_smtpmode": "sendmail",
        "mail_smtpauthtype": "LOGIN",
        "mail_domain": "test.de",
        "theme": ""
    }
}
Are you using external storage, if yes which one: no
Are you using encryption: no
Are you using an external user-backend, if yes which one: LDAP
LDAP configuration
+-------------------------------+--------------------------------------------------------------------------------------------------+
| Configuration                 |                                                                                                  |
+-------------------------------+--------------------------------------------------------------------------------------------------+
| hasMemberOfFilterSupport      | 0                                                                                                |
| hasPagedResultSupport         |                                                                                                  |
| homeFolderNamingRule          |                                                                                                  |
| lastJpegPhotoLookup           | 0                                                                                                |
| ldapAgentName                 | uid=readonly,ou=special-users,dc=test=de                                                         |
| ldapAgentPassword             | ***                                                                                              |
| ldapAttributesForGroupSearch  |                                                                                                  |
| ldapAttributesForUserSearch   | sn;givenName;uid;mail                                                                            |
| ldapBackupHost                |                                                                                                  |
| ldapBackupPort                |                                                                                                  |
| ldapBase                      | dc=test,dc=de                                                                                    |
| ldapBaseGroups                | ou=groups,dc=test,dc=de                                                                          |
| ldapBaseUsers                 | ou=users,dc=test,dc=de                                                                           |
| ldapCacheTTL                  | 600                                                                                              |
| ldapConfigurationActive       | 1                                                                                                |
| ldapDefaultPPolicyDN          |                                                                                                  |
| ldapDynamicGroupMemberURL     |                                                                                                  |
| ldapEmailAttribute            | mail                                                                                             |
| ldapExperiencedAdmin          | 1                                                                                                |
| ldapExpertUUIDGroupAttr       | cn                                                                                               |
| ldapExpertUUIDUserAttr        | uid                                                                                              |
| ldapExpertUsernameAttr        |                                                                                                  |
| ldapGidNumber                 | gidNumber                                                                                        |
| ldapGroupDisplayName          | cn                                                                                               |
| ldapGroupFilter               | (&(|(objectclass=groupOfUniqueNames))(!(cn=studenten*)))                                         |
| ldapGroupFilterGroups         |                                                                                                  |
| ldapGroupFilterMode           | 0                                                                                                |
| ldapGroupFilterObjectclass    |                                                                                                  |
| ldapGroupMemberAssocAttr      | uniqueMember                                                                                     |
| ldapHost                      | ldaps://idm.test.de                                                                              |
| ldapIgnoreNamingRules         |                                                                                                  |
| ldapLoginFilter               | (&(&(objectclass=inetOrgPerson)(mail=*)(!(mail=*@domain1.edu))(!(mail=*@domain2.de)))(uid=%uid)) |
| ldapLoginFilterAttributes     |                                                                                                  |
| ldapLoginFilterEmail          | 0                                                                                                |
| ldapLoginFilterMode           | 0                                                                                                |
| ldapLoginFilterUsername       | 1                                                                                                |
| ldapNestedGroups              | 0                                                                                                |
| ldapOverrideMainServer        |                                                                                                  |
| ldapPagingSize                | 500                                                                                              |
| ldapPort                      | 636                                                                                              |
| ldapQuotaAttribute            |                                                                                                  |
| ldapQuotaDefault              |                                                                                                  |
| ldapTLS                       | 0                                                                                                |
| ldapUserDisplayName           | mail                                                                                             |
| ldapUserDisplayName2          |                                                                                                  |
| ldapUserFilter                | (&(objectclass=inetOrgPerson)(mail=*)(!(mail=*@domain1.edu))(!(mail=*@domain2.de)))              |
| ldapUserFilterGroups          |                                                                                                  |
| ldapUserFilterMode            | 0                                                                                                |
| ldapUserFilterObjectclass     |                                                                                                  |
| ldapUuidGroupAttribute        | auto                                                                                             |
| ldapUuidUserAttribute         | auto                                                                                             |
| turnOffCertCheck              | 0                                                                                                |
| turnOnPasswordChange          | 0                                                                                                |
| useMemberOfToDetectMembership | 1                                                                                                |
+-------------------------------+--------------------------------------------------------------------------------------------------+
Client configuration
Browser: FF, Chrome
Operating system: Ubuntu 16