Standard login failed but LDAP login working

Cris70 · February 28, 2024, 2:24pm

Problem to solve

We have an on-premise installation of Gitlab CE.
We started configuring users directly in Gitlab and later we added LDAP (FreeIPA).
Our login page show both the LDAP and the standard authentication options.
I have always been able to use either to log in, but suddenly (after latest update maybe?) I am not able to login with my standard user and I have to use the LDAP user.

Steps to reproduce

The error simply states “Invalid login or password.”
I tried to find more detailed error messages in the logs, but was unable to.

Versions

Self-managed
GitLab.com SaaS

Versions

System information
System:
Current User: git
Using RVM: no
Ruby Version: 3.1.4p223
Gem Version: 3.5.5
Bundler Version:2.5.5
Rake Version: 13.0.6
Redis Version: 7.0.15
Sidekiq Version:7.1.6
Go Version: unknown

GitLab information
Version: 16.9.1
Revision: 0ef8ba69a8f
Directory: /opt/gitlab/embedded/service/gitlab-rails
DB Adapter: PostgreSQL
DB Version: 13.13
URL: https://git.domain_amended
HTTP Clone URL: https://git.domain_amended/some-group/some-project.git
SSH Clone URL: git@git.domain_amended:some-group/some-project.git
Using LDAP: yes
Using Omniauth: yes
Omniauth Providers:

GitLab Shell
Version: 14.33.0
Repository storages:

default: unix:/var/opt/gitlab/gitaly/gitaly.socket
GitLab Shell path: /opt/gitlab/embedded/service/gitlab-shell

Gitaly

default Address: unix:/var/opt/gitlab/gitaly/gitaly.socket
default Version: 16.9.1
default Git Version: 2.43.0

paulpb · March 6, 2024, 2:04pm

+1 Same behavior in our self-managed docker GitLab CE after upgrading to 16.9.1

Users with standard login who never linked to LDAP are still able to use the standard login.

nlopes · March 21, 2024, 10:25am

I’m having the same issue on 16.9.2.

riordorian · April 13, 2024, 1:06pm

I have the same problem. Update to 16.10 has no effect

tbnguyen1407 · May 15, 2024, 5:46am

Same problem with Gitlab 16.11.2. After signing in LDAP once for existing local user, Standard sign-in no longer works.

Tried but not working:
(1) Removing user’s LDAP identity (using Admin)
(2) Removing user’s LDAP identity (using Admin) and set new password (using Admin)

I still can only sign in with LDAP (which will create the LDAP identity again).

vdtoorn · June 12, 2024, 10:49am

I noticed the same problem on 17.01 self-hosted (omnibus). It’s annoying because I have collaborators who left our institute but still need access… Interestingly some ‘machine’ accounts, for instance for Ansible, that were created without LDAP access still have access via the standard login.

melasto · November 14, 2024, 7:10am

same problem after upgrade gitlab-ce docker(omnibus) from 16.10.9 to 16.11.10

Topic		Replies	Views
Could not authenticate you from Ldapmain because "Invalid credentials" Self-managed ldap	5	23223	November 8, 2019
[SOLVED] Gitlab-rake gitlab:ldap:check ok, Invalid Credentials on GUI Self-managed ldap	1	8131	August 23, 2018
Invalid credentials Self-managed ldap	0	135	August 28, 2024
Bitnami GitLab CE Server Ldap Self-managed ldap	0	1958	November 21, 2016
Issue Gitlab authentication LDAP Self-managed ldap	1	670	July 29, 2024

Standard login failed but LDAP login working

Problem to solve

Steps to reproduce

Versions

Related topics