Regular LDAP user update


#1

Hi
My Mattermost is set to sync with LDAP every hour. Every time it does so, it logs that it updated a specific user:

[2018/01/12 01:47:37 GMT] [INFO] Mattermost user was updated by AD/LDAP server. username=bob.bobson authdata= email=bob.bobson@example.com
[2018/01/12 02:47:37 GMT] [INFO] LdapSync: Found 40 users with LDAP configured
[2018/01/12 02:47:38 GMT] [INFO] Mattermost user was updated by AD/LDAP server. username=bob.bobson authdata= email=bob.bobson@example.com
[2018/01/12 03:47:39 GMT] [INFO] LdapSync: Found 40 users with LDAP configured
[2018/01/12 03:47:40 GMT] [INFO] Mattermost user was updated by AD/LDAP server. username=bob.bobson authdata= email=bob.bobson@example.com
[2018/01/12 04:47:40 GMT] [INFO] LdapSync: Found 40 users with LDAP configured
[2018/01/12 04:47:41 GMT] [INFO] Mattermost user was updated by AD/LDAP server. username=bob.bobson authdata= email=bob.bobson@example.com
[2018/01/12 05:47:41 GMT] [INFO] LdapSync: Found 40 users with LDAP configured
[2018/01/12 05:47:42 GMT] [INFO] Mattermost user was updated by AD/LDAP server. username=bob.bobson authdata= email=bob.bobson@example.com
[2018/01/12 06:47:42 GMT] [INFO] LdapSync: Found 40 users with LDAP configured
[2018/01/12 06:47:43 GMT] [INFO] Mattermost user was updated by AD/LDAP server. username=bob.bobson authdata= email=bob.bobson@example.com
[2018/01/12 07:41:58 GMT] [INFO] LdapSync: Found 40 users with LDAP configured
[2018/01/12 07:41:59 GMT] [INFO] Mattermost user was updated by AD/LDAP server. username=bob.bobson authdata= email=bob.bobson@example.com

This happens every sync without fail. No other users are ‘updated’.

What could be wrong with this user that is causing this?

-R


#2

Hi @rheouk,

Could you share which version of Mattermost server you have installed?

Also, this LDAP documentation might help with troubleshooting


#3

Hi @lindy65

I’ve just now updated to 4.6.0 (from 4.5.0). The problem still persists.

I’ve been through the LDAP documentation several times - nothing points to this particular issue.

The thing is, we have no issues with LDAP. In fact, even the single user that gets ‘updated’ regularly has no issues logging in.

I’m simply wondering what’s causing that particular message - every sync.

-R


#4

I just ran a LDAP sync, while debug logs were turned on.
Aside from the usual, there were also ldap_sync_user entries logged.

I compared the ‘broken’ user to mine:

[2018/01/12 12:02:34 GMT] [DEBG] ldap_sync_user: {"id":"","delete_at":0,"username":"my.user","auth_data":"my.user","auth_service":"ldap","email":"my.user@example.com","email_verified":true,"nickname":"","first_name":"My","last_name":"Name","position":"MM Admin","roles":"","locale":""}
[2018/01/12 12:02:34 GMT] [DEBG] ldap_sync_user: {"id":"","delete_at":0,"username":"bob.bobson","auth_data":"Bob.Bobson","auth_service":"ldap","email":"Bob.Bobson@example.com","email_verified":true,"nickname":"","first_name":"Bob","last_name":"Bobson","position":"Broken User","roles":"","locale":""}

The interesting item is that the auth_data and email have capitalisations in them - these aren’t present in other users. The local Mattermost record is all lowercase. Is it picking up a difference (based on case) and then failing to sync that difference because its ignoring case elsewhere?

-R


#5

Thanks @rheouk,

I’ll ask our devs to take a look and help troubleshoot,