LDAP Invalid private key after password reset #7156
Labels
0. Needs triage
Pending check for reproducibility or if it fits our roadmap
bug
feature: encryption (server-side)
feature: ldap
Comments
|
cc @nextcloud/encryption |
|
Sadly, i also have this bug now. All i did was upgrade to NextCloud 13 and then activate the Default Encryption Module. Now it's showing this message to all users:
|
|
Same message after updating from 12 to 13 (php 5.6, local users). |
skjnldsv
added
the
0. Needs triage
|
As the version of the software you've reported this for has reached end of life, I will close this ticket. If this is still happening after an upgrade to the latest version, feel free to reopen |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Steps to reproduce
1.Activate encryption
2.enable recocery feature (admin).
3.Activate user file recovery feature.
4.Reset user password by email.
5.Error "Invalid private key for Encryption App. Please update your private key password in your personal settings to recover access to your encrypted files." is shown after login. Old files still work, new ones too...
6. Entered Old password and new password
Expected behaviour
Actual behaviour
Server configuration
Operating system: 16.04 LTS
Web server: Apache2 2.4.18
Database: MariaDB 10.0.31
PHP version: PHP 7.0.22
Nextcloud version: 12.0.3
Updated from an older Nextcloud/ownCloud or fresh install: No
Where did you install Nextcloud from:
Signing status:
Signing status
No errors have been found.Nextcloud configuration:
Config report
{
"system": {
"instanceid": "ocm2546lszfb",
"passwordsalt": "REMOVED SENSITIVE VALUE",
"secret": "REMOVED SENSITIVE VALUE",
"trusted_domains": [
"++++++",
"++++++"
],
"datadirectory": "/data/data",
"overwrite.cli.url": "https://+++++++",
"dbtype": "mysql",
"version": "12.0.3.3",
"dbname": "+++++",
"dbhost": "localhost",
"dbport": "",
"dbtableprefix": "oc_",
"dbuser": "REMOVED SENSITIVE VALUE",
"dbpassword": "REMOVED SENSITIVE VALUE",
"logtimezone": "UTC",
"installed": true,
"maintenance": false,
"theme": "",
"loglevel": "0",
"filelocking.enabled": true,
"memcache.locking": "\OC\Memcache\Redis",
"memcache.local": "\OC\Memcache\APCu",
"memcache.distributed": "\OC\Memcache\Memcached",
"mail_from_address": "+++++",
"mail_smtpmode": "php",
"mail_smtpauthtype": "LOGIN",
"mail_domain": "+++++.net",
"mail_smtphost": "+++.e++++.net",
"mail_smtpport": "25",
"ldapIgnoreNamingRules": false,
"ldapProviderFactory": "\OCA\User_LDAP\LDAPProviderFactory"
}
}
Are you using encryption: yes
Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/...
LDAP configuration (delete this part if not used)
LDAP config
+-------------------------------+-------------------------------------------------------------------------------------------------------+
| Configuration | s01 |
+-------------------------------+-------------------------------------------------------------------------------------------------------+
| hasMemberOfFilterSupport | 1 |
| hasPagedResultSupport | |
| homeFolderNamingRule | |
| lastJpegPhotoLookup | 0 |
| ldapAgentName | +++++ |
| ldapAgentPassword | ++++++++++ |
| ldapAttributesForGroupSearch | |
| ldapAttributesForUserSearch | |
| ldapBackupHost | |
| ldapBackupPort | |
| ldapBase | dc=++++=+++++ |
| ldapBaseGroups | ou=++,dc=+++,dc=+++;ou=+++++,dc=+++,dc=++++l |
| ldapBaseUsers | dc=++++++=local |
| ldapCacheTTL | 600 |
| ldapConfigurationActive | 1 |
| ldapDefaultPPolicyDN | |
| ldapDynamicGroupMemberURL | |
| ldapEmailAttribute | mail |
| ldapExperiencedAdmin | 0 |
| ldapExpertUUIDGroupAttr | |
| ldapExpertUUIDUserAttr | samAccountName |
| ldapExpertUsernameAttr | |
| ldapGidNumber | gidNumber |
| ldapGroupDisplayName | cn |
| ldapGroupFilter | (&(|(objectclass=group))) |
| ldapGroupFilterGroups | |
| ldapGroupFilterMode | 0 |
| ldapGroupFilterObjectclass | group |
| ldapGroupMemberAssocAttr | member |
| ldapHost | ++++++++ |
| ldapIgnoreNamingRules | |
| ldapLoginFilter | (&(&(|(objectclass=user)))(|(samaccountname=%uid)(|(userPrincipalName=%uid)(mail=%uid))(|(cn=%uid)))) |
| ldapLoginFilterAttributes | cn |
| ldapLoginFilterEmail | 1 |
| ldapLoginFilterMode | 1 |
| ldapLoginFilterUsername | 1 |
| ldapNestedGroups | 0 |
| ldapOverrideMainServer | |
| ldapPagingSize | 500 |
| ldapPort | 389 |
| ldapQuotaAttribute | |
| ldapQuotaDefault | |
| ldapTLS | 0 |
| ldapUserDisplayName | displayname |
| ldapUserDisplayName2 | |
| ldapUserFilter | (&(|(objectclass=user))) |
| ldapUserFilterGroups | |
| ldapUserFilterMode | 0 |
| ldapUserFilterObjectclass | user |
| ldapUuidGroupAttribute | auto |
| ldapUuidUserAttribute | auto |
| turnOffCertCheck | 0 |
| turnOnPasswordChange | 1 |
| useMemberOfToDetectMembership | 1 |
+-------------------------------+-------------------------------------------------------------------------------------------------------+
The text was updated successfully, but these errors were encountered: