I would like to add myself to this error. Can you please tell us whats wrong. Error is still in version 8.0.2. The Users are still in the ccnet usermgr database. But are not shown in the ldap imported tab on the web-interface.
I can’t find any errors in any seafile log.
No luck for me either, the behavior and error are the same with version 8.0.5.
I wonder if this has something to do with the fact that ccnet component has been removed starting with version 8.x.
Could be that something has not been migrated properly in the database? E.g., I see that my LDAP user exists in the table ccnet_db.LDAPUsers but it does not exist in ccnet_db.EmailUser.
So it seems at login time, only table EmailUser is being checked. Or maybe this is the normal behavior when LDAP is activated…?
Anyway, later today or tomorrow I will try to install the AMD64 version on my laptop, with the same configuration and database as the ARM version, and see if the problem persists. At least we will know if it is an architecture specific issue or not.
Ah, one more thing, maybe this will also help identifying the problem: I am using SSO functionality which also doesn’t work in 8.x version but it works in 7.x version.
My configuration in seahub_settings.py is
ENABLE_REMOTE_USER_AUTHENTICATION = True
# Optional, HTTP header, which is configured in your web server conf file,
# used for Seafile to get user's unique id, default value is 'HTTP_REMOTE_USER'.
REMOTE_USER_HEADER = 'HTTP_REMOTE_USER'
# Optional, whether to create new user in Seafile system, default value is True.
# If this setting is disabled, users doesn't preexist in the Seafile DB cannot login.
# The admin has to first import the users from external systems like LDAP.
REMOTE_USER_CREATE_UNKNOWN_USER = False
# Optional, whether to activate new user in Seafile system, default value is True.
# If this setting is disabled, user will be unable to login by default.
# the administrator needs to manually activate this user.
REMOTE_USER_ACTIVATE_USER_AFTER_CREATION = True
As per my understanding, when SSO is used, the password is not validated, which would mean the LDAP system is not invoked. But instead, the Seafile application would check the user from HTTP header HTTP_REMOTE_USER against its own database.
When trying to login with SSO, in version 8.0.x, I get the error Error, new user registration is not allowed, please contact administrator.
Which makes sense, considering that REMOTE_USER_CREATE_UNKNOWN_USER is set to False.
But that also shows that user existence is not checked against table ccnet_db.LDAPUsers.
@daniel.pan, what do you think? Please also check my previous message, as they are related.