I will play with more this week and definitely will open one if reproducible. Thank you for the heads up 😊.
Regards, Jordan -----Original Message----- From: Daan Hoogland <daan.hoogl...@gmail.com> Sent: Monday, May 31, 2021 10:31 AM To: users <users@cloudstack.apache.org> Subject: Re: when removing an account linked to ldap and re-adding it, login fails [X] This message came from outside your organization ok Jordan, tnx, if you can reproduce, please enter an issue on github. On Mon, May 31, 2021 at 9:19 AM Yordan Kostov <yord...@nsogroup.com> wrote: > Hello Dan, > > No it is 4.15 installation connection to XCP-NG cluster. > All I did is a lot of testing - creating domains + accounts > connected to LDAP and then deleting them. > At some point that issue occurred. > > Best regards, > Jordan > > -----Original Message----- > From: Daan Hoogland <daan.hoogl...@gmail.com> > Sent: Monday, May 31, 2021 10:08 AM > To: users <users@cloudstack.apache.org> > Subject: Re: when removing an account linked to ldap and re-adding it, > login fails > > > [X] This message came from outside your organization > > > Tnx for reporting Yordan, > Just one question, This issue you link to is supposed to have been > solved in 4.14, did you create and delete the account before in an older > version? > tnx > > On Fri, May 28, 2021 at 3:59 PM Yordan Kostov <yord...@nsogroup.com> > wrote: > > > Figured it out. > > For anyone having this issue: > > > > Go to "ldap_trust_map" and correlate the entries with the accounts > > in "Account" table. > > Delete the irrelevant ones in "ldap_trust_map" and login is successful. > > > > Regards, > > Jordan > > > > > > -----Original Message----- > > From: Yordan Kostov <yord...@nsogroup.com> > > Sent: Friday, May 28, 2021 4:43 PM > > To: users@cloudstack.apache.org > > Subject: when removing an account linked to ldap and re-adding it, > > login fails > > > > > > [X] This message came from outside your organization > > > > > > Hey everyone, > > > > ACD version 4.15. > > > > I am playing with LDAP and after some tests I cannot > > login with ldap account anymore. > > This is what I get as error messages: > > > > 2021-05-28 15:31:40,645 INFO [o.a.c.l.LdapAuthenticator] > > (qtp1026871825-26357:ctx-b5cbec02) (logid:c77c97b9) user 'acstest01' > > is mapped to more then one account in domain and will be disabled. > > 2021-05-28 15:31:40,646 DEBUG [o.a.c.s.SAML2UserAuthenticator] > > (qtp1026871825-26357:ctx-b5cbec02) (logid:c77c97b9) Trying SAML2 > > auth for > > user: acstest01 > > 2021-05-28 15:31:40,647 DEBUG [o.a.c.s.SAML2UserAuthenticator] > > (qtp1026871825-26357:ctx-b5cbec02) (logid:c77c97b9) Unable to find > > user with acstest01 in domain 18, or user source is not SAML2 > > 2021-05-28 15:31:40,647 DEBUG [c.c.u.AccountManagerImpl] > > (qtp1026871825-26357:ctx-b5cbec02) (logid:c77c97b9) Unable to > > authenticate user with username acstest01 in domain 18 > > 2021-05-28 15:31:40,647 WARN [c.c.u.AccountManagerImpl] > > (qtp1026871825-26357:ctx-b5cbec02) (logid:c77c97b9) Unable to find > > an user with username acstest01 in domain 18 > > 2021-05-28 15:31:40,648 DEBUG [c.c.u.AccountManagerImpl] > > (qtp1026871825-26357:ctx-b5cbec02) (logid:c77c97b9) User: acstest01 > > in domain 18 has failed to log in > > 2021-05-28 15:31:40,648 DEBUG [c.c.a.ApiServlet] > > (qtp1026871825-26357:ctx-b5cbec02) (logid:c77c97b9) Authentication > failure: > > {"loginresponse":{"uuidList":[],"errorcode":531,"errortext":"Failed > > to authenticate user acstest01 in domain 18; please provide valid > > credentials"}} > > > > I have only 1 account mapped in that domain so from > > what I see it looks like this issue here -> > > https://urldefense.com/v3/__https://github.com/apache/cloudstack/iss > > ue > > s/3661__;!!A6UyJA!wUcsBGPDJa5V-jfcXEGNQxhPCdJnumEo-mNFlnPMdDUi75-rkz > > TT > > a7A6dNOdYWqn$ > > > > Any idea what should be cleaned in the DB to allow > > login > ? > > > > Regards, > > Jordan > > > > <font size="2"><font color="#D8D8D8">11!</font> > > > > > > -- > Daan > -- Daan