We're Hiring!

Mattermost Discussion Forums

Can't login with LDAP but LDAP test success

Summary
Can’t login with LDAP but LDAP test success.

Steps to reproduce
After configured LDAP and test success, then use LDAP username and password login.
The LDAP settings is

"LdapSettings": {
        "Enable": true,
        "EnableSync": true,
        "LdapServer": "172.29.0.41",
        "LdapPort": 389,
        "ConnectionSecurity": "",
        "BaseDN": "ou=People,dc=ldapdomain,dc=com",
        "BindUsername": "cn=admin,dc=ldapdomain,dc=com",
        "BindPassword": "ldap123456",
        "UserFilter": "(cn=*)",
        "GroupFilter": "",
        "GuestFilter": "",
        "EnableAdminFilter": false,
        "AdminFilter": "",
        "GroupDisplayNameAttribute": "",
        "GroupIdAttribute": "",
        "FirstNameAttribute": "cn",
        "LastNameAttribute": "sn",
        "EmailAttribute": "userPrincipalName",
        "UsernameAttribute": "cn",
        "NicknameAttribute": "displayName",
        "IdAttribute": "cn",
        "PositionAttribute": "",
        "LoginIdAttribute": "cn",
        "PictureAttribute": "",
        "SyncIntervalMinutes": 60,
        "SkipCertificateVerification": false,
        "PublicCertificateFile": "",
        "PrivateKeyFile": "",
        "QueryTimeout": 60,
        "MaxPageSize": 0,
        "LoginFieldName": "",
        "LoginButtonColor": "",
        "LoginButtonBorderColor": "",
        "LoginButtonTextColor": "",
        "Trace": false
    }

LDAP server:


Use username cn=user4,ou=People,dc=ldapdomain,dc=com or user4 with correct password to login.

Expected behavior
Login success.

Observed behavior
The mattemost’s version is mattermost/mattermost-preview:5.4.0 docker image and E20 license.
Console got an error api.user.login.invalid_credentials_email_username.
Server logs:

{"level":"debug","ts":1634018548.5712206,"caller":"mlog/log.go:230","msg":"Enter a valid email or username and/or password.","path":"/api/v4/users/login","request_id":"qnxdumx533fh8k3j8t89hyaera","ip_addr":"172.29.255.254","user_id":"","method":"POST","err_where":"login","http_code":401,"err_details":""}
{"level":"debug","ts":1634018548.571602,"caller":"web/handlers.go:107","msg":"Received HTTP request","method":"POST","url":"/api/v4/users/login","request_id":"qnxdumx533fh8k3j8t89hyaera","host":"172.29.0.41:8065","scheme":"","status_code":"401"}
{"level":"debug","ts":1634018551.639378,"caller":"mlog/log.go:230","msg":"Enter a valid email or username and/or password.","path":"/api/v4/users/login","request_id":"rze4okfispfbfypgtzxenwto4w","ip_addr":"172.29.255.254","user_id":"","method":"POST","err_where":"login","http_code":401,"err_details":""}
{"level":"debug","ts":1634018551.6395016,"caller":"web/handlers.go:107","msg":"Received HTTP request","method":"POST","url":"/api/v4/users/login","request_id":"rze4okfispfbfypgtzxenwto4w","host":"172.29.0.41:8065","scheme":"","status_code":"401"}

LDAP test and synchronize result: