0006157: Changing passwords with OpenID enabled fails - SOGo

ID	Project	Category	View Status	Date Submitted	Last Update

0006157	SOGo	Web Preferences	public	2025-10-30 22:42	2025-11-13 13:41

Reporter	jordi	Assigned To	qhivert
Priority	normal	Severity	major	Reproducibility	always
Status	feedback	Resolution	open
Product Version	5.12.4

Summary	0006157: Changing passwords with OpenID enabled fails
Description	If I enable OpenId logins to the SOGo web UI and try to change my account's password, the LDAP bind fails with: Oct 30 23:27:05 sogod [637824]: <0x0x560d1f21dea0[LDAPSource]> <NSException: 0x560d1f961e20> NAME:LDAPException REASON:operation bind failed: Invalid credentials (0x31) INFO:{"error_code" = 49; login = "uid=jordi@company.com,ou=people,dc=company,dc=com"; } The uid should be "jordi", not my email "jordi@company.com". however, if I disable OpenId and do a normal SOGo login using LDAP, password is changed successfully and the bind uses the correct uid "jordi".
Tags	No tags attached.

Date Modified	Username	Field	Change
2025-10-30 22:42	jordi	New Issue
2025-11-13 13:41	qhivert	Note Added: 0018370
2025-11-13 13:41	qhivert	Assigned To	=> qhivert
2025-11-13 13:41	qhivert	Status	new => feedback

qhivert 2025-11-13 13:41 administrator ~0018370	Hello, When using an SSO you should disable the password change: SOGoPasswordChangeEnabled = No; Even if in your case I can see the convenience it makes no sense for a app to be able to change the SSO password, it should be your SSO that provides such a feature.