Seafile 12 LDAP can't connect

Stamm01 · October 30, 2025, 8:32am

Hi, I’m still working on seafile, I installed version 12 in docker. But I also have an LDAP error. The configuration is the same (I tried changing different values)

Summary

ENABLE_LDAP = True

LDAP_SERVER_URL = ‘ldap://192.168.4.3’

LDAP_BASE_DN = ‘ou=Users,dc=domain,dc=lcl’

LDAP_ADMIN_DN = ‘admin@domain.lcl’

LDAP_ADMIN_PASSWORD = ‘pass’

LDAP_PROVIDER = ‘ldap’

LDAP_LOGIN_ATTR = ‘mail’

LDAP_LOGIN_ATTR = ‘userPrincipalName’

#LDAP_CONTACT_EMAIL_ATTR = ‘’

LDAP_CONTACT_EMAIL_ATTR = ‘mail’

LDAP_USER_ROLE_ATTR = ‘’

LDAP_USER_FIRST_NAME_ATTR = ‘givenName’

LDAP_USER_LAST_NAME_ATTR = ‘sn’

LDAP_USER_NAME_REVERSE = False

LDAP_FILTER = 'memberOf=cn=Seafile,ou=Users,dc=domain,dc=lcl’

[2025-10-29 16:55:38] [ERROR] django.request:241 log_response Internal Server Error: /api/v2.1/admin/ldap-users/ [2025-10-29 16:55:39] [ERROR] seahub.api2.endpoints.admin.users:946 get (11, ‘Resource temporarily unavailable’)

[2025-10-29 16:51:35] [ERROR] django.request:241 log_response Internal Server Error: /api/v2.1/admin/ldap-users/ [2025-10-29 16:51:36] [ERROR] seahub.api2.endpoints.admin.users:946 get Failed to get users from ldap server: {‘result’: -7, ‘desc’: ‘Bad search filter’, ‘ctrls’: }.

these are different configuration options. Can you tell me where the error is?

daniel.pan · October 31, 2025, 2:26pm

You have LDAP_LOGIN_ATTR defined twice.

You can also try to log in to the Seafile Docker container and use the ldapsearch command to verify if you can connect to LDAP manually. The command is like follows:

#-H LDAP_SERVER_URL#-b LDAP_BASE_DN
#-D LDAP_ADMIN_DN
#'(objectClass=person)'   LDAP Filter
#-W After executing this command, enter the password manually.

ldapsearch -x -H ldap://192.168.4.3/ -b 'cn=users,dc=hacn,dc=local' '(objectClass=person)' -D 'administrator@hacn.local' -W -LLL

Stamm01 · November 7, 2025, 9:06am

Hi, I spent a lot of time solving this problem. I tested the script and it works. I compared the entries and saw differences only in the “/” at the end of the line, with the value

LDAP_SERVER_URL = ‘ldap://192.168.4.3/’.

Thank you very much, I’ll keep working on it.

r350178982 · November 10, 2025, 2:35am

Hi，
Thank you for your feedback! After analyzing your logs, we’ve identified two types of errors you’re encountering:

“Resource temporarily unavailable” – this occurs when connecting to the LDAP server.
“Bad search filter” – this is caused by an invalid LDAP filter (LDAP_FILTER).

You suspect the issue might be related to whether the LDAP_SERVER_URL ends with a trailing slash “/”. However, we haven’t been able to reproduce this problem in our internal tests. We recommend testing with the following steps:

First, omit the LDAP_FILTER configuration. This will default to searching all AD users. With LDAP_FILTER unset, test by adding or removing the trailing “/” in the SERVER_URL to see if the LDAP connection works properly.

Seafile’s LDAP user access relies on the python-ldap package. According to the documentation, the LDAP URI does not require a trailing “/” at the end.

On the other hand, you also can test it by a python scripts to see which one will raise an error:

import ldap

server_url = “ldap://192.xx.xxx.“

server_url_slash = “ldap://192.xxx.xxx/“

conn1 = ldap.initialize(server_url)

conn2 = ldap.initialize(server_url_slash)

Stamm01 · November 11, 2025, 8:37am

Hi, I must have made a mistake. I rechecked the configuration and removed the / at the end of the line. And it works.

But now I can’t solve the problem with the access group - Seafile.
I added the line:
LDAP_FILTER = ‘memberOf=CN=Seafile,OU=TSK,DC=domain,DC=lcl’

dsquery group -name seafile
“CN=Seafile,OU=TSK,DC=domain,DC=lcl”

And the LDAP button is no longer available.

11-11-2025 133509

daniel.pan · November 12, 2025, 2:35am

Are there any errors in seahub.log?

Stamm01 · November 12, 2025, 11:32am

Docker compose 12 version startup error when restarting.

Error:Seahub failed to start.
Please try to run "./seahub.sh start" again
Traceback (most recent call last):
  File "/scripts/start.py", line 94, in <module>
    main()
  File "/scripts/start.py", line 80, in main
    call('{} start'.format(get_script('seahub.sh')))
  File "/scripts/utils.py", line 70, in call
    return subprocess.check_call(*a, **kw)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.12/subprocess.py", line 413, in check_call
    raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '/opt/seafile/seafile-server-12.0.14/seahub.sh start' returned non-zero exit status 1.

If I disable
#LDAP_FILTER = ‘memberOf=CN=Seafile,OU=domail,dc=tsgk,dc=lcl’

it works, but the logs are in seahub.log:

[2025-11-12 16:22:16] [ERROR] seahub.utils.timeutils:65 timestamp_to_isoformat_timestr ‘<=’ not supported between instances of ‘int’ and ‘NoneType’

In version 13, the logs show this error:

[2025-11-12 16:44:56] [ERROR] seahub_settings.py load: SyntaxError: unterminated string literal (detected at line 32) (seahub_settings.py, line 32)
Traceback (most recent call last):
  File "/opt/seafile/seafile-server-13.0.12/seahub/seahub/settings.py", line 1167, in <module>
    import seahub_settings
  File "/opt/seafile/conf/seahub_settings.py", line 32
    LDAP_FILTER = 'memberOf=CN=Seafile,OU=TSK,DC=dimain,DC=lcl’
                  ^
SyntaxError: unterminated string literal (detected at line 32)

[2025-11-12 11:45:04] [WARNING] django.security.SuspiciousSession:138 decode Session data corrupted

The service starts, but there’s no LDAP button.

daniel.pan · November 12, 2025, 2:16pm

SyntaxError: unterminated string literal (detected at line 32)

As the error indicated, you should make sure the quote character (’) at the end of the line is a correct English quote character (').

Stamm01 · November 13, 2025, 4:23am

I feel uneasy, that’s true. Thank you very much for your quick reply. My inattention has let me down again.