Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Hi
I am getting this error when a certain user tries to login
LDAP Bind failure for user CN=.....,OU=Users,OU=.....,OU=.....,DC=.....,DC=..... Error 49: Invalid credentials
It as also happened with one other user but on second attempt they were able to login.
But it consistently happens with a particular user. This user informs me they have entered their credentials correclty and they were able to login a few days ago
Thanks for your help
Comments
Comment #1
johnbarclay CreditAttribution: johnbarclay commentedYou might ask if the user has any particularly odd characters in their password to try to replicate this. And see what OS and language set they are using. By consistently, do you mean it can be replicated or it happens frequently?
Comment #2
t14 CreditAttribution: t14 commentedHi
I checked the users password and it is made up of uppercase letters and numbers there are no special characters.
When you say language set do you mean the language used on their keyboard. I have international users who do not seem to have this problem
Yes it happens frequently is what i mean by consistently
Thanks for your time
Comment #3
t14 CreditAttribution: t14 commentedany more ideas to what could be causing it??
Thanks
Comment #4
johnbarclay CreditAttribution: johnbarclay commentedNo good ideas. Have you isolated this to drupal yet? That is:
Does the user have problems when authenticating to other applications besides drupal?
Have you and are you able to test the user binding directly through php without drupal?
I added some notes at http://drupal.org/node/1141764 on this sort of debugging also.
Comment #5
cgmonroe CreditAttribution: cgmonroe commentedAnother possibility is that there are more than one match for your Drupal login name to LDAP search criteria. LDAP can be a bit random in the order they return results. If more than one result is found, a watchdog error is set, but the login process continues using the first result. This could account for people sometimes logging in (first result is their entry) and sometimes being denied (first result is not their entry).
Check the watchdog log entries for entries like: Error: %num user found with %filter under %base_dn.
If this is the problem, then you may need to make sure your searching the appropriate sections of the ldap server.
Comment #6
cgmonroe CreditAttribution: cgmonroe commentedClosing due to inactivity.