Skip to content

GET /api/v3/flows/executor/default-password-change/ - Error when trying to change password for LDAP user #6466

New issue
New issue
Closed as not planned
Closed as not planned
GET /api/v3/flows/executor/default-password-change/ - Error when trying to change password for LDAP user#6466
Labels
legacy/wontfix
@v1k7g85

Description

@v1k7g85
v1k7g85
opened on Aug 3, 2023

Describe the bug
The error occurs when the option "User password writeback" is enabled in the LDAP Source configuration. When trying to change the password in the user profile, an error "Something went wrong! Please try again later" apearce

To Reproduce
Steps to reproduce the behavior:

  1. Go to 'Federation & Social login'
  2. Set option 'User password writeback' in LDAP source configuration
  3. Go to 'Directory/Users'
  4. Click "Impersonate' next to the user
  5. Select "Settings/Chancge password'
  6. Write password
  7. Click 'Continue'
  8. See error

Expected behavior
Password changed

Screenshots
If applicable, add screenshots to help explain your problem.

Logs

Stacktrace from authentik 
Traceback (most recent call last):
  File "/authentik/flows/views/executor.py", line 298, in get
    stage_response = self.current_stage_view.get(request, *args, **kwargs)
                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/authentik/stages/user_write/stage.py", line 154, in get
    self.update_user(user)
  File "/authentik/stages/user_write/stage.py", line 100, in update_user
    setter(value)
  File "/authentik/core/models.py", line 197, in set_password
    password_changed.send(sender=self, user=self, password=raw_password)
  File "/usr/local/lib/python3.11/site-packages/django/dispatch/dispatcher.py", line 176, in send
    return [
           ^
  File "/usr/local/lib/python3.11/site-packages/django/dispatch/dispatcher.py", line 177, in <listcomp>
    (receiver, receiver(signal=self, sender=sender, **named))
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/sentry_sdk/integrations/django/signals_handlers.py", line 66, in wrapper
    return receiver(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/authentik/sources/ldap/signals.py", line 62, in ldap_sync_password
    changer.change_password(user, password)
  File "/authentik/sources/ldap/password.py", line 96, in change_password
    self._connection.extend.standard.modify_password(user_dn, new_password=password)
  File "/usr/local/lib/python3.11/site-packages/ldap3/extend/__init__.py", line 82, in modify_password
    controls).send()
              ^^^^^^
  File "/usr/local/lib/python3.11/site-packages/ldap3/extend/operation.py", line 51, in send
    raise LDAPExtensionError('extension not in DSA list of supported extensions')
ldap3.core.exceptions.LDAPExtensionError: extension not in DSA list of supported extensions

Version and Deployment (please complete the following information):

  • authentik version: 2023.6.0
  • Deployment: helm

Additional context
No additional context

Metadata

Metadata

Assignees

No one assigned

    Labels

    legacy/wontfix

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions