Summary
Receiving error “createSessionForUserAccessToken: Invalid or missing token” when attempting to log on as an AD/LDAP user
Steps to reproduce
Version 6.0.2
LDAP Config:
"LdapSettings": {
    "Enable": true,
    "EnableSync": true,
    "LdapServer": "192.168.1.15",
    "LdapPort": 389,
    "ConnectionSecurity": "",
    "BaseDN": "OU=RefugeUsers,DC=refuge,DC=fx",
    "BindUsername": "schaefferp@refuge.fx",
    "BindPassword": "*********************",
    "UserFilter": "",
    "GroupFilter": "",
    "GuestFilter": "",
    "EnableAdminFilter": false,
    "AdminFilter": "",
    "GroupDisplayNameAttribute": "cn",
    "GroupIdAttribute": "objectGUID",
    "FirstNameAttribute": "userPrincipalName",
    "LastNameAttribute": "sn",
    "EmailAttribute": "email",
    "UsernameAttribute": "userPrincipalName",
    "NicknameAttribute": "nickname",
    "IdAttribute": "userPrincipalName",
    "PositionAttribute": "title",
    "LoginIdAttribute": "userPrincipalName",
    "PictureAttribute": "thumbnailPhoto",
    "SyncIntervalMinutes": 60,
    "SkipCertificateVerification": true,
    "PublicCertificateFile": "",
    "PrivateKeyFile": "",
    "QueryTimeout": 60,
    "MaxPageSize": 0,
    "LoginFieldName": "refuge.fx Username",
    "LoginButtonColor": "#0000",
    "LoginButtonBorderColor": "#2389D7",
    "LoginButtonTextColor": "#2389D7",
    "Trace": false
},
Expected behavior
AD/LDAP users should be able to log on to Mattermost with their userPrincipalName.
Observed behavior
Logon fails with “invalid email address username/password” and the error log reads:
{"timestamp":"2021-11-16 10:42:01.645 -08:00","level":"warn","msg":"Error while creating session for user access token","caller":"app/session.go:89","error":"createSessionForUserAccessToken: Invalid or missing token., resource: UserAccessToken id: token=1fdbcmaegtdmpxt95crbor4oey"}