LDAP/AD integration Error 500 if a user is fetched that is marked as deleted #9502

lucacarangelo · 2018-05-17T09:44:03Z

Steps to reproduce

Create a group in active directory and configure this Group in Nextcloud LDAP/AD Integration -> Group
Move to User from the top right menu (just below Applications)
3.https://xxxxx.xxxx.xxxx/index.php/settings/users/users?offset=0&limit=50&gid=&pattern=
RETURNS STATUS 500 ()
Removing user with apostrophe in surname ('D'ANTONIO SILVA...') , users list starts to work correctly.

Expected behaviour

Tell us what should happen
User enabled should be shown

Actual behaviour

Tell us what happens instead
Users is empty and an error is reported on browser console.
Looking at logs :
{"reqId":"Wv1IdXPWrLF0USueApZ79AAAAAI","level":3,"time":"2018-05-17T09:16:37+00:00","remoteAddr":"172.20.32.33","user":"C17D7C4B-6A1B-4FA5-AE22-22BBC238CD67","app":"index","method":"GET","url":"/index.php/settings/users/users?offset=0&limit=50&gid=&pattern=","message":"Exception: {"Exception":"Error","Message":"Call to undefined method OCA\\User_LDAP\\User\\OfflineUser::composeAndStoreDisplayName()","Code":0,"Trace":"#0 \/var\/www\/html\/nextcloud\/apps\/user_ldap\/lib\/Access.php(685): OCA\\User_LDAP\\Access->cacheUserDisplayName**('1F22EA11-3263-4...', 'D'ANTONIO SILVA...', 'S.Dantonio@Sirt...')\n#1** \/var\/www\/html\/nextcloud\/apps\/user_ldap\/lib\/Access.php(636): OCA\\User_LDAP\\Access->ldap2NextcloudNames(Array, true)\n#2 \/var\/www\/html\/nextcloud\/apps\/user_ldap\/lib\/User_LDAP.php(287): OCA\\User_LDAP\\Access->nextcloudUserNames(Array)\n#3 \/var\/www\/html\/nextcloud\/apps\/user_ldap\/lib\/User_Proxy.php(159): OCA\\User_LDAP\\User_LDAP->getUsers('', 50, 0)\n#4 \/var\/www\/html\/nextcloud\/lib\/private\/User\/Manager.php(225): OCA\\User_LDAP\\User_Proxy->getUsers('', 50, 0)\n#5 \/var\/www\/html\/nextcloud\/settings\/Controller\/UsersController.php(314): OC\\User\\Manager->search('', 50, 0)\n#6 [internal function]: OC\\Settings\\Controller\\UsersController->index(0, 50, '', '', '')\n#7 \/var\/www\/html\/nextcloud\/lib\/private\/AppFramework\/Http\/Dispatcher.php(161): call_user_func_array(Array, Array)\n#8 \/var\/www\/html\/nextcloud\/lib\/private\/AppFramework\/Http\/Dispatcher.php(91): OC\\AppFramework\\Http\\Dispatcher->executeController(Object(OC\\Settings\\Controller\\UsersController), 'index')\n#9 \/var\/www\/html\/nextcloud\/lib\/private\/AppFramework\/App.php(115): OC\\AppFramework\\Http\\Dispatcher->dispatch(Object(OC\\Settings\\Controller\\UsersController), 'index')\n#10 \/var\/www\/html\/nextcloud\/lib\/private\/AppFramework\/Routing\/RouteActionHandler.php(47): OC\\AppFramework\\App::main('OC\\\\Settings\\\\Con...', 'index', Object(OC\\AppFramework\\DependencyInjection\\DIContainer), Array)\n#11 [internal function]: OC\\AppFramework\\Routing\\RouteActionHandler->__invoke(Array)\n#12 \/var\/www\/html\/nextcloud\/lib\/private\/Route\/Router.php(297): call_user_func(Object(OC\\AppFramework\\Routing\\RouteActionHandler), Array)\n#13 \/var\/www\/html\/nextcloud\/lib\/base.php(999): OC\\Route\\Router->match('\/settings\/users...')\n#14 \/var\/www\/html\/nextcloud\/index.php(37): OC::handleRequest()\n#15 {main}","File":"\/var\/www\/html\/nextcloud\/apps\/user_ldap\/lib\/Access.php","Line":721}","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36","version":"13.0.2.1"}

Server configuration

Operating system:
Red Hat Enterprise Linux Server release 7.4 (Maipo)
Web server:
apache 2.4

Database:
MariaDB 5.5.56

PHP version:
php 7.1.11

Nextcloud version: (see Nextcloud admin page)
13.0.2

Updated from an older Nextcloud/ownCloud or fresh install:
Update from 13.0.1; Started from 13.x

Where did you install Nextcloud from:
from your source
Signing status:

Signing status

Login as admin user into your Nextcloud and access 
http://example.com/index.php/settings/integrity/failed 
paste the results here.
No errors have been found.
</details>

**List of activated apps:**
<details>
Activity	2.6.1	Ufficiale		
Antivirus App for files	1.2.0	Visualizza nell'archivio ↗		
Auditing / Logging	1.3.0	Ufficiale		
Brute-force settings	1.0.3	Visualizza nell'archivio ↗	
Collaborative tags	1.3.0	Ufficiale		
Comments	1.3.0	Ufficiale		
Deleted files	1.3.0	Ufficiale		
External user support	0.4	Ufficiale		
Federation	1.3.0	Ufficiale		
File sharing	1.5.0	Ufficiale		
First run wizard	2.2.1	Ufficiale		
Gallery	18.0.0	Ufficiale	

Group folders	1.2.0	Visualizza nell'archivio ↗		
LDAP user and group backend	1.3.1	Ufficiale		
Log Reader	2.0.0	Ufficiale	
	
Monitoring	1.3.0	Ufficiale	
	
Nextcloud announcements	1.2.0	Ufficiale		
Notifications	2.1.2	Ufficiale		
Password policy	1.3.0	Ufficiale	
	
PDF viewer	1.2.1	Ufficiale	
	
Share by mail	1.3.0	Ufficiale		
Text editor	2.5.1	Ufficiale	
	
Theming	1.4.1	Ufficiale		
Update notification	1.3.0	Ufficiale	
	
Usage survey	1.1.0	Ufficiale	
	
Versions	1.6.0	Ufficiale		
Video player	1.2.0	Ufficiale	
	
<summary>App list</summary>

If you have access to your command line run e.g.:
sudo -u www-data php occ app:list
from within your Nextcloud installation folder
Enabled:

activity: 2.6.1
admin_audit: 1.3.0
bruteforcesettings: 1.0.3
comments: 1.3.0
dav: 1.4.6
federatedfilesharing: 1.3.1
federation: 1.3.0
files: 1.8.0
files_antivirus: 1.2.0
files_pdfviewer: 1.2.1
files_sharing: 1.5.0
files_texteditor: 2.5.1
files_trashbin: 1.3.0
files_versions: 1.6.0
files_videoplayer: 1.2.0
firstrunwizard: 2.2.1
gallery: 18.0.0
groupfolders: 1.2.0
logreader: 2.0.0
lookup_server_connector: 1.1.0
nextcloud_announcements: 1.2.0
notifications: 2.1.2
oauth2: 1.1.0
password_policy: 1.3.0
provisioning_api: 1.3.0
serverinfo: 1.3.0
sharebymail: 1.3.0
survey_client: 1.1.0
systemtags: 1.3.0
theming: 1.4.1
twofactor_backupcodes: 1.2.3
updatenotification: 1.3.0
user_external: 0.4
user_ldap: 1.3.1
workflowengine: 1.3.0
Disabled:
encryption
files_external
groupfolders-master

</details>

**Nextcloud configuration:**
<details>
<summary>Config report</summary>

If you have access to your command line run e.g.:
sudo -u www-data php occ config:list system
from within your Nextcloud installation folder
{
"system": {
"trusted_proxies": "REMOVED SENSITIVE VALUE",
"overwritehost": "share.portale.xxxx.xxx",
"forwarded_for_headers": [
"HTTP_X_FORWARDED_FOR"
],
"instanceid": "REMOVED SENSITIVE VALUE",
"overwriteprotocol": "https",
"passwordsalt": "REMOVED SENSITIVE VALUE",
"secret": "REMOVED SENSITIVE VALUE",
"trusted_domains": [
"10.1.132.20",
"share.portale.xxx.xxx",
"nextcloud.ict.xxxx.xxx"
],
"datadirectory": "REMOVED SENSITIVE VALUE",
"tempdirectory": "/data/tmp",
"overwrite.cli.url": "https://share.portale.xxx.xxx/",
"dbtype": "mysql",
"version": "13.0.2.1",
"dbname": "REMOVED SENSITIVE VALUE",
"dbhost": "REMOVED SENSITIVE VALUE",
"dbport": "",
"dbtableprefix": "oc_",
"dbuser": "REMOVED SENSITIVE VALUE",
"dbpassword": "REMOVED SENSITIVE VALUE",
"installed": true,
"mail_smtpmode": "smtp",
"mail_smtpauthtype": "PLAIN",
"mail_from_address": "REMOVED SENSITIVE VALUE",
"mail_domain": "REMOVED SENSITIVE VALUE",
"mail_smtphost": "REMOVED SENSITIVE VALUE",
"mail_smtpport": "25",
"ldapIgnoreNamingRules": false,
"ldapProviderFactory": "\OCA\User_LDAP\LDAPProviderFactory",
"proxy": "172.20.xx.xxx:8080",
"maintenance": false,
"theme": "",
"loglevel": 1,
"updater.secret": "REMOVED SENSITIVE VALUE"
}
}

or

Insert your config.php content here.
Make sure to remove all sensitive content such as passwords. (e.g. database password, passwordsalt, secret, smtp password, …)

</details>

**Are you using external storage, if yes which one:** local/smb/sftp/...
no
**Are you using encryption:** yes/no
no
**Are you using an external user-backend, if yes which one:** LDAP/ActiveDirectory/Webdav/...
yes
#### LDAP configuration (delete this part if not used)
<details>
<summary>LDAP config</summary>

Without access to your command line download the data/owncloud.db to your local
computer or access your SQL server remotely and run the select query:
SELECT * FROM oc_appconfig WHERE appid = 'user_ldap';

Eventually replace sensitive data as the name/IP-address of your LDAP server or groups.

</details>

### Client configuration
**Browser:**
All
**Operating system:**
Windows 10

### Logs
#### Web server error log
<details>
<summary>Web server error log</summary>

Insert your webserver log here

</details>

#### Nextcloud log (data/nextcloud.log)
{"reqId":"Wv1IdXPWrLF0USueApZ79AAAAAI","level":3,"time":"2018-05-17T09:16:37+00:00","remoteAddr":"172.20.32.33","user":"C17D7C4B-6A1B-4FA5-AE22-22BBC238CD67","app":"index","method":"GET","url":"\/index.php\/settings\/users\/users?offset=0&limit=50&gid=&pattern=","message":"Exception: {\"Exception\":\"Error\",\"Message\":\"Call to undefined method OCA\\\\User_LDAP\\\\User\\\\OfflineUser::composeAndStoreDisplayName()\",\"Code\":0,\"Trace\":\"#0 \\\/var\\\/www\\\/html\\\/nextcloud\\\/apps\\\/user_ldap\\\/lib\\\/Access.php(685): OCA\\\\User_LDAP\\\\Access->cacheUserDisplayName**('1F22EA11-3263-4...', 'D'ANTONIO SILVA...', 'S.Dantonio@Sirt...')\\n#1** \\\/var\\\/www\\\/html\\\/nextcloud\\\/apps\\\/user_ldap\\\/lib\\\/Access.php(636): OCA\\\\User_LDAP\\\\Access->ldap2NextcloudNames(Array, true)\\n#2 \\\/var\\\/www\\\/html\\\/nextcloud\\\/apps\\\/user_ldap\\\/lib\\\/User_LDAP.php(287): OCA\\\\User_LDAP\\\\Access->nextcloudUserNames(Array)\\n#3 \\\/var\\\/www\\\/html\\\/nextcloud\\\/apps\\\/user_ldap\\\/lib\\\/User_Proxy.php(159): OCA\\\\User_LDAP\\\\User_LDAP->getUsers('', 50, 0)\\n#4 \\\/var\\\/www\\\/html\\\/nextcloud\\\/lib\\\/private\\\/User\\\/Manager.php(225): OCA\\\\User_LDAP\\\\User_Proxy->getUsers('', 50, 0)\\n#5 \\\/var\\\/www\\\/html\\\/nextcloud\\\/settings\\\/Controller\\\/UsersController.php(314): OC\\\\User\\\\Manager->search('', 50, 0)\\n#6 [internal function]: OC\\\\Settings\\\\Controller\\\\UsersController->index(0, 50, '', '', '')\\n#7 \\\/var\\\/www\\\/html\\\/nextcloud\\\/lib\\\/private\\\/AppFramework\\\/Http\\\/Dispatcher.php(161): call_user_func_array(Array, Array)\\n#8 \\\/var\\\/www\\\/html\\\/nextcloud\\\/lib\\\/private\\\/AppFramework\\\/Http\\\/Dispatcher.php(91): OC\\\\AppFramework\\\\Http\\\\Dispatcher->executeController(Object(OC\\\\Settings\\\\Controller\\\\UsersController), 'index')\\n#9 \\\/var\\\/www\\\/html\\\/nextcloud\\\/lib\\\/private\\\/AppFramework\\\/App.php(115): OC\\\\AppFramework\\\\Http\\\\Dispatcher->dispatch(Object(OC\\\\Settings\\\\Controller\\\\UsersController), 'index')\\n#10 \\\/var\\\/www\\\/html\\\/nextcloud\\\/lib\\\/private\\\/AppFramework\\\/Routing\\\/RouteActionHandler.php(47): OC\\\\AppFramework\\\\App::main('OC\\\\\\\\Settings\\\\\\\\Con...', 'index', Object(OC\\\\AppFramework\\\\DependencyInjection\\\\DIContainer), Array)\\n#11 [internal function]: OC\\\\AppFramework\\\\Routing\\\\RouteActionHandler->__invoke(Array)\\n#12 \\\/var\\\/www\\\/html\\\/nextcloud\\\/lib\\\/private\\\/Route\\\/Router.php(297): call_user_func(Object(OC\\\\AppFramework\\\\Routing\\\\RouteActionHandler), Array)\\n#13 \\\/var\\\/www\\\/html\\\/nextcloud\\\/lib\\\/base.php(999): OC\\\\Route\\\\Router->match('\\\/settings\\\/users...')\\n#14 \\\/var\\\/www\\\/html\\\/nextcloud\\\/index.php(37): OC::handleRequest()\\n#15 {main}\",\"File\":\"\\\/var\\\/www\\\/html\\\/nextcloud\\\/apps\\\/user_ldap\\\/lib\\\/Access.php\",\"Line\":721}","userAgent":"Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/65.0.3325.181 Safari\/537.36","version":"13.0.2.1"}

Insert your Nextcloud log here

</details>

#### Browser log
<details>
<summary>Browser log</summary>

Insert your browser log here, this could for example include:

a) The javascript console log
b) The network log
c) ...

</details>

The text was updated successfully, but these errors were encountered:

MorrisJobke · 2018-05-22T14:16:25Z

cc @nextcloud/ldap

blizzz · 2018-05-28T14:52:20Z

@lucacarangelo i cannot reproduce it, works as intended with apostrophe in the dislplay name:

The issue must a different one.

What does occ ldap:show-remnants return?

lucacarangelo · 2018-05-28T15:22:28Z

Hi ,

going deeply in to the problem I recognize that the problem wasn't the apostrophe but the fact that user was no longer in to the Active Directory OU (user exists in AD but it's not in the particular OU anymore).

This is really a bad behaviour, the system should not stop to shows users if they are not present in AD or have been disabled.

I had to delete user using occ user:delete from nextcloud to make the system woking again showing users.

It could happen that a user is "removed" from the OU used by nextcloud ldap and re-inserted after a while.
If I enable the automatic deletion its data will be removed and as soon it is re-inserted in the OU he will not find his data anymore....

How can I manage this situation ?
Can we lease user data for some period after its "deletion" from active directory ?
How can I realign users with AD manually without waiting internal processes?

I also detect that sometime when a new user is added to the system it doesn't create all subfolders in its home and user is not able to use the system receiving an Internal Error.

Is there a way to rebuild its home directory structure ?

blizzz · 2018-05-28T21:13:42Z

This is really a bad behaviour, the system should not stop to shows users if they are not present in AD or have been disabled.

Indeed, and it is not supposed to.

blizzz · 2018-05-28T23:17:30Z

Proposed fix in #9640, would be nice if you can verify it solves the issue for you @lucacarangelo @KimTheFirst @spanguel

fixes #9502 Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

check user state when fetching to avoid dealing with offline objects, fixes #9502

fixes #9502 Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

MorrisJobke added bug feature: ldap 0. Needs triage Pending check for reproducibility or if it fits our roadmap labels May 22, 2018

blizzz mentioned this issue May 28, 2018

Fix calling nonexistent function on OfflineUser #9563

Closed

blizzz changed the title ~~LDAP/AD integration Error 500 if you have users with apostrophe in surname~~ LDAP/AD integration Error 500 if a user is fetched that is marked as deleted May 28, 2018

blizzz removed the 0. Needs triage Pending check for reproducibility or if it fits our roadmap label May 29, 2018

MorrisJobke added the 3. to review Waiting for reviews label May 29, 2018

blizzz added a commit that referenced this issue May 29, 2018

check user state when fetching to avoid dealing with offline objects

8882d32

fixes #9502 Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

blizzz closed this as completed in 73cacb8 May 29, 2018

blizzz added a commit that referenced this issue May 29, 2018

Merge pull request #9640 from nextcloud/fix/9502/missedstatecheck

c0ed6f9

check user state when fetching to avoid dealing with offline objects, fixes #9502

MorrisJobke added this to the Nextcloud 14 milestone May 29, 2018

MorrisJobke pushed a commit that referenced this issue May 29, 2018

check user state when fetching to avoid dealing with offline objects

d33ba08

fixes #9502 Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

LDAP/AD integration Error 500 if a user is fetched that is marked as deleted #9502

LDAP/AD integration Error 500 if a user is fetched that is marked as deleted #9502

lucacarangelo commented May 17, 2018

MorrisJobke commented May 22, 2018

blizzz commented May 28, 2018

lucacarangelo commented May 28, 2018

blizzz commented May 28, 2018

blizzz commented May 28, 2018