View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0006157SOGoWeb Preferencespublic2025-10-30 22:422025-11-17 10:22
Reporterjordi Assigned Toqhivert  
PrioritynormalSeveritymajorReproducibilityalways
Status assignedResolutionopen 
Product Version5.12.4 
Summary0006157: Changing passwords with OpenID enabled fails
Description

If I enable OpenId logins to the SOGo web UI and try to change my account's password, the LDAP bind fails with:
Oct 30 23:27:05 sogod [637824]: <0x0x560d1f21dea0[LDAPSource]> <NSException: 0x560d1f961e20> NAME:LDAPException REASON:operation bind failed: Invalid credentials (0x31) INFO:{"error_code" = 49; login = "uid=jordi@company.com,ou=people,dc=company,dc=com"; }

The uid should be "jordi", not my email "jordi@company.com".

however, if I disable OpenId and do a normal SOGo login using LDAP, password is changed successfully and the bind uses the correct uid "jordi".

TagsNo tags attached.

Activities

qhivert

qhivert

2025-11-13 13:41

administrator   ~0018370

Hello,
When using an SSO you should disable the password change:
SOGoPasswordChangeEnabled = No;

Even if in your case I can see the convenience it makes no sense for a app to be able to change the SSO password, it should be your SSO that provides such a feature.
jordi

jordi

2025-11-17 10:22

reporter   ~0018375

Hi Quentin!

In fact, we do want to be able to change the password. In our setup, at least for now, we have protected the SOGo web frontend via OpenID, however caldav access is still provided via LDAP, and that uses a different password.

The issue here is that for whatever reason, the uid is adding the @company.com, instead of leaving it as just the login name, as excpected. I this behaviour on purpose?

Issue History

Date Modified Username Field Change
2025-10-30 22:42 jordi New Issue
2025-11-13 13:41 qhivert Note Added: 0018370
2025-11-13 13:41 qhivert Assigned To => qhivert
2025-11-13 13:41 qhivert Status new => feedback
2025-11-17 10:22 jordi Note Added: 0018375
2025-11-17 10:22 jordi Status feedback => assigned