Skip to content

LDAP/AD integration Error 500 if a user is fetched that is marked as deleted #9502

New issue
New issue
Closed
Closed
LDAP/AD integration Error 500 if a user is fetched that is marked as deleted#9502
Labels
3. to reviewWaiting for reviewsbugfeature: ldap
Milestone
Nextcloud 14
@lucacarangelo

Description

@lucacarangelo
lucacarangelo
opened on May 17, 2018

Steps to reproduce

  1. Create a group in active directory and configure this Group in Nextcloud LDAP/AD Integration -> Group
  2. Move to User from the top right menu (just below Applications)
    3.https://xxxxx.xxxx.xxxx/index.php/settings/users/users?offset=0&limit=50&gid=&pattern=
    RETURNS STATUS 500 ()
  3. Removing user with apostrophe in surname ('D'ANTONIO SILVA...') , users list starts to work correctly.

Expected behaviour

Tell us what should happen
User enabled should be shown

Actual behaviour

Tell us what happens instead
Users is empty and an error is reported on browser console.
Looking at logs :
{"reqId":"Wv1IdXPWrLF0USueApZ79AAAAAI","level":3,"time":"2018-05-17T09:16:37+00:00","remoteAddr":"172.20.32.33","user":"C17D7C4B-6A1B-4FA5-AE22-22BBC238CD67","app":"index","method":"GET","url":"/index.php/settings/users/users?offset=0&limit=50&gid=&pattern=","message":"Exception: {"Exception":"Error","Message":"Call to undefined method OCA\\User_LDAP\\User\\OfflineUser::composeAndStoreDisplayName()","Code":0,"Trace":"#0 \/var\/www\/html\/nextcloud\/apps\/user_ldap\/lib\/Access.php(685): OCA\\User_LDAP\\Access->cacheUserDisplayName**('1F22EA11-3263-4...', 'D'ANTONIO SILVA...', 'S.Dantonio@Sirt...')\n#1** \/var\/www\/html\/nextcloud\/apps\/user_ldap\/lib\/Access.php(636): OCA\\User_LDAP\\Access->ldap2NextcloudNames(Array, true)\n#2 \/var\/www\/html\/nextcloud\/apps\/user_ldap\/lib\/User_LDAP.php(287): OCA\\User_LDAP\\Access->nextcloudUserNames(Array)\n#3 \/var\/www\/html\/nextcloud\/apps\/user_ldap\/lib\/User_Proxy.php(159): OCA\\User_LDAP\\User_LDAP->getUsers('', 50, 0)\n#4 \/var\/www\/html\/nextcloud\/lib\/private\/User\/Manager.php(225): OCA\\User_LDAP\\User_Proxy->getUsers('', 50, 0)\n#5 \/var\/www\/html\/nextcloud\/settings\/Controller\/UsersController.php(314): OC\\User\\Manager->search('', 50, 0)\n#6 [internal function]: OC\\Settings\\Controller\\UsersController->index(0, 50, '', '', '')\n#7 \/var\/www\/html\/nextcloud\/lib\/private\/AppFramework\/Http\/Dispatcher.php(161): call_user_func_array(Array, Array)\n#8 \/var\/www\/html\/nextcloud\/lib\/private\/AppFramework\/Http\/Dispatcher.php(91): OC\\AppFramework\\Http\\Dispatcher->executeController(Object(OC\\Settings\\Controller\\UsersController), 'index')\n#9 \/var\/www\/html\/nextcloud\/lib\/private\/AppFramework\/App.php(115): OC\\AppFramework\\Http\\Dispatcher->dispatch(Object(OC\\Settings\\Controller\\UsersController), 'index')\n#10 \/var\/www\/html\/nextcloud\/lib\/private\/AppFramework\/Routing\/RouteActionHandler.php(47): OC\\AppFramework\\App::main('OC\\\\Settings\\\\Con...', 'index', Object(OC\\AppFramework\\DependencyInjection\\DIContainer), Array)\n#11 [internal function]: OC\\AppFramework\\Routing\\RouteActionHandler->__invoke(Array)\n#12 \/var\/www\/html\/nextcloud\/lib\/private\/Route\/Router.php(297): call_user_func(Object(OC\\AppFramework\\Routing\\RouteActionHandler), Array)\n#13 \/var\/www\/html\/nextcloud\/lib\/base.php(999): OC\\Route\\Router->match('\/settings\/users...')\n#14 \/var\/www\/html\/nextcloud\/index.php(37): OC::handleRequest()\n#15 {main}","File":"\/var\/www\/html\/nextcloud\/apps\/user_ldap\/lib\/Access.php","Line":721}","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36","version":"13.0.2.1"}

Server configuration

Operating system:
Red Hat Enterprise Linux Server release 7.4 (Maipo)
Web server:
apache 2.4

Database:
MariaDB 5.5.56

PHP version:
php 7.1.11

Nextcloud version: (see Nextcloud admin page)
13.0.2

Updated from an older Nextcloud/ownCloud or fresh install:
Update from 13.0.1; Started from 13.x

Where did you install Nextcloud from:
from your source
Signing status:

Signing status 
Login as admin user into your Nextcloud and access 
http://example.com/index.php/settings/integrity/failed 
paste the results here.
No errors have been found.
</details>

**List of activated apps:**
<details>
Activity	2.6.1	Ufficiale		
Antivirus App for files	1.2.0	Visualizza nell'archivio ↗		
Auditing / Logging	1.3.0	Ufficiale		
Brute-force settings	1.0.3	Visualizza nell'archivio ↗	
Collaborative tags	1.3.0	Ufficiale		
Comments	1.3.0	Ufficiale		
Deleted files	1.3.0	Ufficiale		
External user support	0.4	Ufficiale		
Federation	1.3.0	Ufficiale		
File sharing	1.5.0	Ufficiale		
First run wizard	2.2.1	Ufficiale		
Gallery	18.0.0	Ufficiale	

Group folders	1.2.0	Visualizza nell'archivio ↗		
LDAP user and group backend	1.3.1	Ufficiale		
Log Reader	2.0.0	Ufficiale	
	
Monitoring	1.3.0	Ufficiale	
	
Nextcloud announcements	1.2.0	Ufficiale		
Notifications	2.1.2	Ufficiale		
Password policy	1.3.0	Ufficiale	
	
PDF viewer	1.2.1	Ufficiale	
	
Share by mail	1.3.0	Ufficiale		
Text editor	2.5.1	Ufficiale	
	
Theming	1.4.1	Ufficiale		
Update notification	1.3.0	Ufficiale	
	
Usage survey	1.1.0	Ufficiale	
	
Versions	1.6.0	Ufficiale		
Video player	1.2.0	Ufficiale	
	
<summary>App list</summary>

If you have access to your command line run e.g.:
sudo -u www-data php occ app:list
from within your Nextcloud installation folder
Enabled:

  • activity: 2.6.1
  • admin_audit: 1.3.0
  • bruteforcesettings: 1.0.3
  • comments: 1.3.0
  • dav: 1.4.6
  • federatedfilesharing: 1.3.1
  • federation: 1.3.0
  • files: 1.8.0
  • files_antivirus: 1.2.0
  • files_pdfviewer: 1.2.1
  • files_sharing: 1.5.0
  • files_texteditor: 2.5.1
  • files_trashbin: 1.3.0
  • files_versions: 1.6.0
  • files_videoplayer: 1.2.0
  • firstrunwizard: 2.2.1
  • gallery: 18.0.0
  • groupfolders: 1.2.0
  • logreader: 2.0.0
  • lookup_server_connector: 1.1.0
  • nextcloud_announcements: 1.2.0
  • notifications: 2.1.2
  • oauth2: 1.1.0
  • password_policy: 1.3.0
  • provisioning_api: 1.3.0
  • serverinfo: 1.3.0
  • sharebymail: 1.3.0
  • survey_client: 1.1.0
  • systemtags: 1.3.0
  • theming: 1.4.1
  • twofactor_backupcodes: 1.2.3
  • updatenotification: 1.3.0
  • user_external: 0.4
  • user_ldap: 1.3.1
  • workflowengine: 1.3.0
    Disabled:
  • encryption
  • files_external
  • groupfolders-master
</details>

**Nextcloud configuration:**
<details>
<summary>Config report</summary>

If you have access to your command line run e.g.:
sudo -u www-data php occ config:list system
from within your Nextcloud installation folder
{
"system": {
"trusted_proxies": "REMOVED SENSITIVE VALUE",
"overwritehost": "share.portale.xxxx.xxx",
"forwarded_for_headers": [
"HTTP_X_FORWARDED_FOR"
],
"instanceid": "REMOVED SENSITIVE VALUE",
"overwriteprotocol": "https",
"passwordsalt": "REMOVED SENSITIVE VALUE",
"secret": "REMOVED SENSITIVE VALUE",
"trusted_domains": [
"10.1.132.20",
"share.portale.xxx.xxx",
"nextcloud.ict.xxxx.xxx"
],
"datadirectory": "REMOVED SENSITIVE VALUE",
"tempdirectory": "/data/tmp",
"overwrite.cli.url": "https://share.portale.xxx.xxx/",
"dbtype": "mysql",
"version": "13.0.2.1",
"dbname": "REMOVED SENSITIVE VALUE",
"dbhost": "REMOVED SENSITIVE VALUE",
"dbport": "",
"dbtableprefix": "oc_",
"dbuser": "REMOVED SENSITIVE VALUE",
"dbpassword": "REMOVED SENSITIVE VALUE",
"installed": true,
"mail_smtpmode": "smtp",
"mail_smtpauthtype": "PLAIN",
"mail_from_address": "REMOVED SENSITIVE VALUE",
"mail_domain": "REMOVED SENSITIVE VALUE",
"mail_smtphost": "REMOVED SENSITIVE VALUE",
"mail_smtpport": "25",
"ldapIgnoreNamingRules": false,
"ldapProviderFactory": "\OCA\User_LDAP\LDAPProviderFactory",
"proxy": "172.20.xx.xxx:8080",
"maintenance": false,
"theme": "",
"loglevel": 1,
"updater.secret": "REMOVED SENSITIVE VALUE"
}
}

or

Insert your config.php content here.
Make sure to remove all sensitive content such as passwords. (e.g. database password, passwordsalt, secret, smtp password, …)

</details>

**Are you using external storage, if yes which one:** local/smb/sftp/...
no
**Are you using encryption:** yes/no
no
**Are you using an external user-backend, if yes which one:** LDAP/ActiveDirectory/Webdav/...
yes
#### LDAP configuration (delete this part if not used)
<details>
<summary>LDAP config</summary>

With access to your command line run e.g.:
sudo -u www-data php occ ldap:show-config
from within your Nextcloud installation folder
+-------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------+
| Configuration | |
+-------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------+
| hasMemberOfFilterSupport | 1 |
| hasPagedResultSupport | |
| homeFolderNamingRule | |
| lastJpegPhotoLookup | 0 |
| ldapAgentName | cn=AA00060,ou=servizio,dc=corp,dc=xxxx,dc=xxx |
| ldapAgentPassword | *** |
| ldapAttributesForGroupSearch | |
| ldapAttributesForUserSearch | cn;displayName;email |
| ldapBackupHost | |
| ldapBackupPort | |
| ldapBase | dc=corp,dc=xxxx,dc=xxx |
| ldapBaseGroups | dc=corp,dc=xxxx,dc=xxx |
| ldapBaseUsers | dc=corp,dc=xxxx,dc=xxx |
| ldapCacheTTL | 600 |
| ldapConfigurationActive | 1 |
| ldapDefaultPPolicyDN | |
| ldapDynamicGroupMemberURL | |
| ldapEmailAttribute | mail |
| ldapExperiencedAdmin | 0 |
| ldapExpertUUIDGroupAttr | |
| ldapExpertUUIDUserAttr | |
| ldapExpertUsernameAttr | |
| ldapGidNumber | gidNumber |
| ldapGroupDisplayName | cn |
| ldapGroupFilter | (|(cn=GG790)) |
| ldapGroupFilterGroups | GG790 |
| ldapGroupFilterMode | 0 |
| ldapGroupFilterObjectclass | |
| ldapGroupMemberAssocAttr | member |
| ldapHost | ldap://10.1.8.66 |
| ldapIgnoreNamingRules | |
| ldapLoginFilter | (&(&(|(objectclass=person)))(|(samaccountname=%uid)(|(cn=%uid)(displayName=%uid)))) |
| ldapLoginFilterAttributes | cn;displayName |
| ldapLoginFilterEmail | 0 |
| ldapLoginFilterMode | 1 |
| ldapLoginFilterUsername | 1 |
| ldapNestedGroups | 0 |
| ldapOverrideMainServer | |
| ldapPagingSize | 500 |
| ldapPort | 389 |
| ldapQuotaAttribute | |
| ldapQuotaDefault | |
| ldapTLS | 0 |
| ldapUserDisplayName | displayname |
| ldapUserDisplayName2 | mail |
| ldapUserFilter | (&(|(objectclass=person)(objectclass=user))(|(|(memberof=CN=GG790,OU=GRUPPIABILITAZIONE,DC=corp,DC=xxxx,DC=xxx)(primaryGroupID=31208)))) |
| ldapUserFilterGroups | GG790 |
| ldapUserFilterMode | 0 |
| ldapUserFilterObjectclass | person;user |
| ldapUuidGroupAttribute | auto |
| ldapUuidUserAttribute | auto |
| turnOffCertCheck | 0 |
| turnOnPasswordChange | 0 |
| useMemberOfToDetectMembership | 1 |
+-------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------+
+-------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------+
| Configuration | s01 |
+-------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------+
| hasMemberOfFilterSupport | 1 |
| hasPagedResultSupport | |
| homeFolderNamingRule | |
| lastJpegPhotoLookup | 0 |
| ldapAgentName | cn=AA00060,ou=servizio,dc=corp,dc=xxxx,dc=xxx |
| ldapAgentPassword | *** |
| ldapAttributesForGroupSearch | |
| ldapAttributesForUserSearch | |
| ldapBackupHost | |
| ldapBackupPort | |
| ldapBase | dc=partner,dc=xxxx,dc=xxx |
| ldapBaseGroups | dc=partner,dc=xxxx,dc=xxx |
| ldapBaseUsers | dc=partner,dc=xxxx,dc=xxx |
| ldapCacheTTL | 600 |
| ldapConfigurationActive | 1 |
| ldapDefaultPPolicyDN | |
| ldapDynamicGroupMemberURL | |
| ldapEmailAttribute | |
| ldapExperiencedAdmin | 0 |
| ldapExpertUUIDGroupAttr | |
| ldapExpertUUIDUserAttr | |
| ldapExpertUsernameAttr | |
| ldapGidNumber | gidNumber |
| ldapGroupDisplayName | cn |
| ldapGroupFilter | (|(cn=GA00001)) |
| ldapGroupFilterGroups | GA00001 |
| ldapGroupFilterMode | 0 |
| ldapGroupFilterObjectclass | |
| ldapGroupMemberAssocAttr | uniqueMember |
| ldapHost | ldap://10.1.8.68 |
| ldapIgnoreNamingRules | |
| ldapLoginFilter | (&(&(|(objectclass=person)))(samaccountname=%uid)) |
| ldapLoginFilterAttributes | |
| ldapLoginFilterEmail | 0 |
| ldapLoginFilterMode | 0 |
| ldapLoginFilterUsername | 1 |
| ldapNestedGroups | 0 |
| ldapOverrideMainServer | |
| ldapPagingSize | 500 |
| ldapPort | 389 |
| ldapQuotaAttribute | |
| ldapQuotaDefault | |
| ldapTLS | 0 |
| ldapUserDisplayName | displayname |
| ldapUserDisplayName2 | |
| ldapUserFilter | (&(|(objectclass=person)(objectclass=user))(|(|(memberof=CN=GA00001,OU=GRUPPIABILITAZIONE,DC=partner,DC=xxxx,DC=xxx)(primaryGroupID=13381)))) |
| ldapUserFilterGroups | GA00001 |
| ldapUserFilterMode | 0 |
| ldapUserFilterObjectclass | person;user |
| ldapUuidGroupAttribute | auto |
| ldapUuidUserAttribute | auto |
| turnOffCertCheck | 0 |
| turnOnPasswordChange | 0 |
| useMemberOfToDetectMembership | 1 |
+-------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------+

Without access to your command line download the data/owncloud.db to your local
computer or access your SQL server remotely and run the select query:
SELECT * FROM oc_appconfig WHERE appid = 'user_ldap';

Eventually replace sensitive data as the name/IP-address of your LDAP server or groups.

</details>

### Client configuration
**Browser:**
All
**Operating system:**
Windows 10

### Logs
#### Web server error log
<details>
<summary>Web server error log</summary>

Insert your webserver log here

</details>

#### Nextcloud log (data/nextcloud.log)
{"reqId":"Wv1IdXPWrLF0USueApZ79AAAAAI","level":3,"time":"2018-05-17T09:16:37+00:00","remoteAddr":"172.20.32.33","user":"C17D7C4B-6A1B-4FA5-AE22-22BBC238CD67","app":"index","method":"GET","url":"\/index.php\/settings\/users\/users?offset=0&limit=50&gid=&pattern=","message":"Exception: {\"Exception\":\"Error\",\"Message\":\"Call to undefined method OCA\\\\User_LDAP\\\\User\\\\OfflineUser::composeAndStoreDisplayName()\",\"Code\":0,\"Trace\":\"#0 \\\/var\\\/www\\\/html\\\/nextcloud\\\/apps\\\/user_ldap\\\/lib\\\/Access.php(685): OCA\\\\User_LDAP\\\\Access->cacheUserDisplayName**('1F22EA11-3263-4...', 'D'ANTONIO SILVA...', 'S.Dantonio@Sirt...')\\n#1** \\\/var\\\/www\\\/html\\\/nextcloud\\\/apps\\\/user_ldap\\\/lib\\\/Access.php(636): OCA\\\\User_LDAP\\\\Access->ldap2NextcloudNames(Array, true)\\n#2 \\\/var\\\/www\\\/html\\\/nextcloud\\\/apps\\\/user_ldap\\\/lib\\\/User_LDAP.php(287): OCA\\\\User_LDAP\\\\Access->nextcloudUserNames(Array)\\n#3 \\\/var\\\/www\\\/html\\\/nextcloud\\\/apps\\\/user_ldap\\\/lib\\\/User_Proxy.php(159): OCA\\\\User_LDAP\\\\User_LDAP->getUsers('', 50, 0)\\n#4 \\\/var\\\/www\\\/html\\\/nextcloud\\\/lib\\\/private\\\/User\\\/Manager.php(225): OCA\\\\User_LDAP\\\\User_Proxy->getUsers('', 50, 0)\\n#5 \\\/var\\\/www\\\/html\\\/nextcloud\\\/settings\\\/Controller\\\/UsersController.php(314): OC\\\\User\\\\Manager->search('', 50, 0)\\n#6 [internal function]: OC\\\\Settings\\\\Controller\\\\UsersController->index(0, 50, '', '', '')\\n#7 \\\/var\\\/www\\\/html\\\/nextcloud\\\/lib\\\/private\\\/AppFramework\\\/Http\\\/Dispatcher.php(161): call_user_func_array(Array, Array)\\n#8 \\\/var\\\/www\\\/html\\\/nextcloud\\\/lib\\\/private\\\/AppFramework\\\/Http\\\/Dispatcher.php(91): OC\\\\AppFramework\\\\Http\\\\Dispatcher->executeController(Object(OC\\\\Settings\\\\Controller\\\\UsersController), 'index')\\n#9 \\\/var\\\/www\\\/html\\\/nextcloud\\\/lib\\\/private\\\/AppFramework\\\/App.php(115): OC\\\\AppFramework\\\\Http\\\\Dispatcher->dispatch(Object(OC\\\\Settings\\\\Controller\\\\UsersController), 'index')\\n#10 \\\/var\\\/www\\\/html\\\/nextcloud\\\/lib\\\/private\\\/AppFramework\\\/Routing\\\/RouteActionHandler.php(47): OC\\\\AppFramework\\\\App::main('OC\\\\\\\\Settings\\\\\\\\Con...', 'index', Object(OC\\\\AppFramework\\\\DependencyInjection\\\\DIContainer), Array)\\n#11 [internal function]: OC\\\\AppFramework\\\\Routing\\\\RouteActionHandler->__invoke(Array)\\n#12 \\\/var\\\/www\\\/html\\\/nextcloud\\\/lib\\\/private\\\/Route\\\/Router.php(297): call_user_func(Object(OC\\\\AppFramework\\\\Routing\\\\RouteActionHandler), Array)\\n#13 \\\/var\\\/www\\\/html\\\/nextcloud\\\/lib\\\/base.php(999): OC\\\\Route\\\\Router->match('\\\/settings\\\/users...')\\n#14 \\\/var\\\/www\\\/html\\\/nextcloud\\\/index.php(37): OC::handleRequest()\\n#15 {main}\",\"File\":\"\\\/var\\\/www\\\/html\\\/nextcloud\\\/apps\\\/user_ldap\\\/lib\\\/Access.php\",\"Line\":721}","userAgent":"Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.2.1"}

Insert your Nextcloud log here

</details>

#### Browser log
<details>
<summary>Browser log</summary>

Insert your browser log here, this could for example include:

a) The javascript console log
b) The network log
c) ...

</details>

Metadata

Metadata

Assignees

No one assigned

    Labels

    3. to reviewWaiting for reviewsbugfeature: ldap

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions