this week I upgraded Seafile CE 7.1.4 to PE 7.1.4 and then 7.1.6.
I added ldapsync settings and triggered a manual sync with pro.py ldapsync, with the following settings:
# ccnet.conf [ldap_sync] ACTIVATE_USER_WHEN_IMPORT = false # seahub_settings.py ACTIVATE_AFTER_FIRST_LOGIN = True
to let only active users consume licenses.
The process ended fine but I noticed that all (?) imported users were disabled.
So I asked all my users to first login from the web interface - this let the users to be re-activated and everything worked fine for a number of hours.
All of the sudden many users reported not being able to login anymore. The clients refused connection and asked to login again (as before - first login via web is required). They also tried to login via web but this time Seafile reported a problem of “The account is inactive”.
No way for the user to login again and re-activate the account themselves.
For one user I tried to activate the account manually, and it worked. But I don’t want to do that for all users.
I must report that one user reported the issue but he was able to login successfully and have his account active again.
So, why all of the sudden the accounts were disabled? Why the login does not enable them again?
Are there any problems calling the “manual” ldapsync from command line again, several times? How can I debug this?
I tried to lauch a second ldapsync manually and got:
[08/19/2020 16:44:34] [INFO] LDAP user sync result: add user, update user, deactive user, add role, update role [08/19/2020 16:44:34] [INFO] LDAP profile sync result: add profile, update profile, delete profile [08/19/2020 16:44:34] [INFO] LDAP dept sync result: add dept, update dept, delete dept
However, I’m sure that those 150 users already were in the DB (imported the day before).
Is ldapsync reliable? I start to suspect it’s not.