People can login with LDAP auth, but we cannot create new user

Unfortunately, we had to downgrade from EE to CE (business downsized as well).

For the most part it went well. However, we have one interesting problem. Our existing LDAP users can login just fine, but we’re unable to create new users with LDAP auth. We can create locally authenticated users just fine.

We’re running 4.11.6
We get the following error in the logs when a user without an account tries to login:
2018-06-05 16:55:30.953 INFO [rhodecode.authentication.base] Authenticating user **** using egg:rhodecode-enterprise-ce#ldap plugin
2018-06-05 16:55:31.115 ERROR [rhodecode.authentication.plugins.auth_ldap] LDAP related exception
Traceback (most recent call last):
File “/opt/rhodecode/store/4rzx29245m6pv2knk7q2q93r5s7ifgqp-python2.7-rhodecode-enterprise-ce-4.11.6/lib/python2.7/site-packages/rhodecode/authentication/plugins/auth_ldap.py”, line 440, in auth
(user_dn, ldap_attrs) = aldap.authenticate_ldap(username, password)
File “/opt/rhodecode/store/4rzx29245m6pv2knk7q2q93r5s7ifgqp-python2.7-rhodecode-enterprise-ce-4.11.6/lib/python2.7/site-packages/rhodecode/authentication/plugins/auth_ldap.py”, line 325, in authenticate_ldap
‘with given password’.format(username))
LdapPasswordError: Failed to authenticate user ****with given password
2018-06-05 16:55:31.120 WARNI [rhodecode.model.validators] user **** failed to authenticate

Any ideas? Next steps?

Thanks,
Brad

This error seems to be related with authentication problem. It’s odd that it only fails for new users. Could it be the permissions changed for new user LDAP search ?

Generally the error above says user tries to connect to LDAP but it used a wrong password.