[GH-ISSUE #852] 'NoneType' object is not iterable after a ldap login #756

New issue

Closed

opened 2026-02-27 11:13:23 +03:00 by kerem · 10 comments

kerem commented 2026-02-27 11:13:23 +03:00

Owner

Copy link

Originally created by @romainreuillon on GitHub (Mar 17, 2016).
Original GitHub issue: https://github.com/modoboa/modoboa/issues/852

Hi,

I configured the ldap login using search and bind with the following settings:

Annonymous bind
users search base: ou=People,dc=iscpif,dc=fr
search filter: (uid=%(user)s)
password attribute: userPassword

It seems to work since when I enter an login / password not in the ldap modoboa tells "wrong login / password", but when I enter a correct login password (for instance login: reuillon, mdp: password), I get this error :

Environment:


Request Method: POST
Request URL: https://mail.iscpif.fr/accounts/login/

Django Version: 1.8.11
Python Version: 2.7.6
Installed Applications:
('django.contrib.auth',
 'django.contrib.contenttypes',
 'django.contrib.sessions',
 'django.contrib.messages',
 'django.contrib.sites',
 'django.contrib.staticfiles',
 'reversion',
 'rest_framework.authtoken',
 'modoboa',
 'modoboa.core',
 'modoboa.lib',
 'modoboa.admin',
 'modoboa.relaydomains',
 'modoboa.limits',
 'modoboa_amavis',
 'modoboa_pdfcredentials',
 'modoboa_postfix_autoreply',
 'modoboa_sievefilters',
 'modoboa_stats',
 'modoboa_webmail')
Installed Middleware:
('x_forwarded_for.middleware.XForwardedForMiddleware',
 'django.contrib.sessions.middleware.SessionMiddleware',
 'django.middleware.common.CommonMiddleware',
 'django.middleware.csrf.CsrfViewMiddleware',
 'django.contrib.auth.middleware.AuthenticationMiddleware',
 'django.contrib.messages.middleware.MessageMiddleware',
 'django.middleware.locale.LocaleMiddleware',
 'django.middleware.clickjacking.XFrameOptionsMiddleware',
 'modoboa.lib.middleware.AjaxLoginRedirect',
 'modoboa.lib.middleware.CommonExceptionCatcher',
 'modoboa.lib.middleware.RequestCatcherMiddleware')


Traceback:
File "/srv/modoboa/env/local/lib/python2.7/site-packages/django/core/handlers/base.py" in get_response
  132.                     response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/srv/modoboa/env/local/lib/python2.7/site-packages/django/utils/decorators.py" in inner
  145.                     return func(*args, **kwargs)
File "/srv/modoboa/env/local/lib/python2.7/site-packages/django/utils/decorators.py" in inner
  145.                     return func(*args, **kwargs)
File "/srv/modoboa/env/local/lib/python2.7/site-packages/django/views/decorators/cache.py" in _wrapped_view_func
  57.         response = view_func(request, *args, **kwargs)
File "/srv/modoboa/env/local/lib/python2.7/site-packages/modoboa/core/views/auth.py" in dologin
  24.                                 password=form.cleaned_data["password"])
File "/srv/modoboa/env/local/lib/python2.7/site-packages/django/contrib/auth/__init__.py" in authenticate
  74.             user = backend.authenticate(**credentials)
File "/srv/modoboa/env/local/lib/python2.7/site-packages/modoboa/lib/authbackends.py" in authenticate
  75.                 return super(LDAPBackend, self).authenticate(username, password)
File "/srv/modoboa/env/local/lib/python2.7/site-packages/django_auth_ldap/backend.py" in authenticate
  167.         user = ldap_user.authenticate(password)
File "/srv/modoboa/env/local/lib/python2.7/site-packages/django_auth_ldap/backend.py" in authenticate
  339.             self._get_or_create_user()
File "/srv/modoboa/env/local/lib/python2.7/site-packages/django_auth_ldap/backend.py" in _get_or_create_user
  548.         self._user, created = self.backend.get_or_create_user(username, self)

Exception Type: TypeError at /accounts/login/
Exception Value: 'NoneType' object is not iterable

Any idea what goes wrong ?

cheers,
Romain

Originally created by @romainreuillon on GitHub (Mar 17, 2016). Original GitHub issue: https://github.com/modoboa/modoboa/issues/852 Hi, I configured the ldap login using search and bind with the following settings: Annonymous bind users search base: ou=People,dc=iscpif,dc=fr search filter: (uid=%(user)s) password attribute: userPassword It seems to work since when I enter an login / password not in the ldap modoboa tells "wrong login / password", but when I enter a correct login password (for instance login: reuillon, mdp: password), I get this error : ``` Environment: Request Method: POST Request URL: https://mail.iscpif.fr/accounts/login/ Django Version: 1.8.11 Python Version: 2.7.6 Installed Applications: ('django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.sites', 'django.contrib.staticfiles', 'reversion', 'rest_framework.authtoken', 'modoboa', 'modoboa.core', 'modoboa.lib', 'modoboa.admin', 'modoboa.relaydomains', 'modoboa.limits', 'modoboa_amavis', 'modoboa_pdfcredentials', 'modoboa_postfix_autoreply', 'modoboa_sievefilters', 'modoboa_stats', 'modoboa_webmail') Installed Middleware: ('x_forwarded_for.middleware.XForwardedForMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.locale.LocaleMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', 'modoboa.lib.middleware.AjaxLoginRedirect', 'modoboa.lib.middleware.CommonExceptionCatcher', 'modoboa.lib.middleware.RequestCatcherMiddleware') Traceback: File "/srv/modoboa/env/local/lib/python2.7/site-packages/django/core/handlers/base.py" in get_response 132. response = wrapped_callback(request, *callback_args, **callback_kwargs) File "/srv/modoboa/env/local/lib/python2.7/site-packages/django/utils/decorators.py" in inner 145. return func(*args, **kwargs) File "/srv/modoboa/env/local/lib/python2.7/site-packages/django/utils/decorators.py" in inner 145. return func(*args, **kwargs) File "/srv/modoboa/env/local/lib/python2.7/site-packages/django/views/decorators/cache.py" in _wrapped_view_func 57. response = view_func(request, *args, **kwargs) File "/srv/modoboa/env/local/lib/python2.7/site-packages/modoboa/core/views/auth.py" in dologin 24. password=form.cleaned_data["password"]) File "/srv/modoboa/env/local/lib/python2.7/site-packages/django/contrib/auth/__init__.py" in authenticate 74. user = backend.authenticate(**credentials) File "/srv/modoboa/env/local/lib/python2.7/site-packages/modoboa/lib/authbackends.py" in authenticate 75. return super(LDAPBackend, self).authenticate(username, password) File "/srv/modoboa/env/local/lib/python2.7/site-packages/django_auth_ldap/backend.py" in authenticate 167. user = ldap_user.authenticate(password) File "/srv/modoboa/env/local/lib/python2.7/site-packages/django_auth_ldap/backend.py" in authenticate 339. self._get_or_create_user() File "/srv/modoboa/env/local/lib/python2.7/site-packages/django_auth_ldap/backend.py" in _get_or_create_user 548. self._user, created = self.backend.get_or_create_user(username, self) Exception Type: TypeError at /accounts/login/ Exception Value: 'NoneType' object is not iterable ``` Any idea what goes wrong ? cheers, Romain

kerem closed this issue 2026-02-27 11:13:23 +03:00

kerem commented 2026-02-27 11:13:24 +03:00

Author

Owner

Copy link

@tonioo commented on GitHub (Mar 17, 2016):

Hi,
have you read the documentation about LDAP configuration ? (http://modoboa.readthedocs.org/en/latest/getting_started/configuration.html#ldap):

The first time a user connects to Modoboa, a local account is created if the LDAP username is a valid email address. By default, this account belongs to the SimpleUsers group and it has a mailbox.

To automatically create domain administrators, you can use the Administrator groups setting. If a LDAP user belongs to one the listed groups, its local account will belong to the DomainAdmins group. In this case, the username is not necessarily an email address.

So, if you want to create simple users from your LDAP directory, you must use email addresses as usernames. I suggest you change the search filter to match an email address instead of a uid.

<!-- gh-comment-id:197942078 --> @tonioo commented on GitHub (Mar 17, 2016): Hi, have you read the documentation about LDAP configuration ? (http://modoboa.readthedocs.org/en/latest/getting_started/configuration.html#ldap): > The first time a user connects to Modoboa, a local account is created if the LDAP username is a valid email address. By default, this account belongs to the SimpleUsers group and it has a mailbox. > > To automatically create domain administrators, you can use the Administrator groups setting. If a LDAP user belongs to one the listed groups, its local account will belong to the DomainAdmins group. In this case, the username is not necessarily an email address. So, if you want to create simple users from your LDAP directory, you must use email addresses as usernames. I suggest you change the search filter to match an email address instead of a uid.

kerem commented 2026-02-27 11:13:24 +03:00

Author

Owner

Copy link

@romainreuillon commented on GitHub (Mar 17, 2016):

Hi Tonioo,

Thanks for pointing that out. I fixed my config by setting the search filter to (mail=%(user)s). I can now login modoboa with romain.reuillon@iscpif.fr as username. However when I go to the webmail page I get this error:

Error: ['[AUTHENTICATIONFAILED] Authentication failed.']

Any idea what could be wrong?

Romain

<!-- gh-comment-id:197950249 --> @romainreuillon commented on GitHub (Mar 17, 2016): Hi Tonioo, Thanks for pointing that out. I fixed my config by setting the search filter to (mail=%(user)s). I can now login modoboa with romain.reuillon@iscpif.fr as username. However when I go to the webmail page I get this error: `Error: ['[AUTHENTICATIONFAILED] Authentication failed.']` Any idea what could be wrong? Romain

kerem commented 2026-02-27 11:13:24 +03:00

Author

Owner

Copy link

@romainreuillon commented on GitHub (Mar 17, 2016):

PS: it seem that no domain neither mail box have been created in /srv/vmail

<!-- gh-comment-id:197951780 --> @romainreuillon commented on GitHub (Mar 17, 2016): PS: it seem that no domain neither mail box have been created in /srv/vmail

kerem commented 2026-02-27 11:13:24 +03:00

Author

Owner

Copy link

@romainreuillon commented on GitHub (Mar 17, 2016):

PS2: I just tried with non ldap users and everything works fine for the same domain

<!-- gh-comment-id:197953385 --> @romainreuillon commented on GitHub (Mar 17, 2016): PS2: I just tried with non ldap users and everything works fine for the same domain

kerem commented 2026-02-27 11:13:24 +03:00

Author

Owner

Copy link

@romainreuillon commented on GitHub (Mar 17, 2016):

In syslog I get this kind of error:

Mar 17 17:21:18 mail dovecot: auth: Error: sql(romain.reuillon@iscpif.fr,127.0.0.1,<slo3BUEuogB/AAAB>): Invalid password in passdb: Not a valid MD5-CRYPT or PLAIN-MD5 password Mar 17 17:21:20 mail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<romain.reuillon@iscpif.fr>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured, session=<slo3BUEuogB/AAAB>

<!-- gh-comment-id:197957445 --> @romainreuillon commented on GitHub (Mar 17, 2016): In syslog I get this kind of error: `Mar 17 17:21:18 mail dovecot: auth: Error: sql(romain.reuillon@iscpif.fr,127.0.0.1,<slo3BUEuogB/AAAB>): Invalid password in passdb: Not a valid MD5-CRYPT or PLAIN-MD5 password Mar 17 17:21:20 mail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<romain.reuillon@iscpif.fr>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured, session=<slo3BUEuogB/AAAB>`

kerem commented 2026-02-27 11:13:24 +03:00

Author

Owner

Copy link

@tonioo commented on GitHub (Mar 18, 2016):

Users created from a LDAP directory won't have any password in the SQL database. The passwords will always stay into the directory so you need to setup both LDAP and SQL authentication for Dovecot.

About mailbox on the local file system, it will be created by Dovecot after the first succesfull login.

<!-- gh-comment-id:198247149 --> @tonioo commented on GitHub (Mar 18, 2016): Users created from a LDAP directory won't have any password in the SQL database. The passwords will always stay into the directory so you need to setup both LDAP and SQL authentication for Dovecot. About mailbox on the local file system, it will be created by Dovecot after the first succesfull login.

kerem commented 2026-02-27 11:13:24 +03:00

Author

Owner

Copy link

@romainreuillon commented on GitHub (Mar 18, 2016):

Thanks it helps a lot!

<!-- gh-comment-id:198407162 --> @romainreuillon commented on GitHub (Mar 18, 2016): Thanks it helps a lot!

kerem commented 2026-02-27 11:13:24 +03:00

Author

Owner

Copy link

@tonioo commented on GitHub (Mar 18, 2016):

Can I close the issue ?

<!-- gh-comment-id:198414149 --> @tonioo commented on GitHub (Mar 18, 2016): Can I close the issue ?

kerem commented 2026-02-27 11:13:24 +03:00

Author

Owner

Copy link

@romainreuillon commented on GitHub (Mar 18, 2016):

Yes

<!-- gh-comment-id:198426067 --> @romainreuillon commented on GitHub (Mar 18, 2016): Yes

kerem commented 2026-02-27 11:13:24 +03:00

Author

Owner

Copy link

@changchichung commented on GitHub (Feb 5, 2022):

I have the same error

 " mail dovecot: auth: Error: sql(romain.reuillon@iscpif.fr,127.0.0.1,<slo3BUEuogB/AAAB>): Invalid password in passdb: Not a valid MD5-CRYPT or PLAIN-MD5 password Mar 17 17:21:20 mail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<romain.reuillon@iscpif.fr>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured, session=<slo3BUEuogB/AAAB>"

but I can not find where to do these ??

 you need to setup both LDAP and SQL authentication for Dovecot.

I know the LDAP part , but where can I configure "SQL authentication for Dovecot." ??
I see nothing related to dovecot in modoboa parameters

<!-- gh-comment-id:1030661985 --> @changchichung commented on GitHub (Feb 5, 2022): I have the same error ``` " mail dovecot: auth: Error: sql(romain.reuillon@iscpif.fr,127.0.0.1,<slo3BUEuogB/AAAB>): Invalid password in passdb: Not a valid MD5-CRYPT or PLAIN-MD5 password Mar 17 17:21:20 mail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<romain.reuillon@iscpif.fr>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured, session=<slo3BUEuogB/AAAB>" ``` but I can not find where to do these ?? ``` you need to setup both LDAP and SQL authentication for Dovecot. ``` I know the LDAP part , but where can I configure "SQL authentication for Dovecot." ?? I see nothing related to dovecot in modoboa parameters

kerem referenced this issue 2026-02-27 11:20:32 +03:00

[PR #756] [MERGED] Fix invalid path for settings.css #2008

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

fix/sievefilters-allow-email-in-rule-name

dependabot/npm_and_yarn/frontend/axios-1.15.0

translations_04c0b653215cb5fa48ab101eae1a1917_ja_JP

translations_5d93982e9fd6dab991db4faf93ce9ded_ja_JP

fix/login-issue-3995

fix/sievefilters-issues

add-vitepress-openapi

2974-dmarc-empty-email

2.3.x

updated-doc-2.3.0

feature/OIDC

delete-all-alarms

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_af_ZA

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_ar

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_ca

1.x

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_sk

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_tr

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_es_ES

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_uk

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_zh_CN

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_de_DE

translations_modoboa-admin-locale-en-lc-messages-djangojs-po--master_da_DK

1.8.x

1.7.x

1.6.x

1.4.x

1.3.x

1.2.x

2.8.2

2.8.1

2.8.0

2.7.2

2.7.1

2.7.0

2.6.5

2.6.4

2.6.3

2.6.2

2.6.1

2.6.0

2.5.1

2.5.0

2.4.11

2.4.10

2.4.9

2.4.8

2.4.7

2.4.6

2.4.5

2.4.4

2.4.3

2.4.2

2.4.1

2.4.0

2.3.6

2.3.5

2.3.4

2.3.3

2.3.2

2.3.1

2.3.0

2.3.0-beta.4

2.3.0-beta.3

2.3.0-beta.2

2.3.0-beta.1

2.2.4

2.2.3

2.2.2

2.2.1

2.2.0

2.1.2

2.1.1

2.1.0

2.0.5

2.0.4

2.0.3

2.0.2

2.0.1

2.0.0

2.0.0-beta.3

2.0.0-beta.2

2.0.0-beta.1

1.17.0

1.16.1

1.16.0

1.15.0

1.14.0

1.13.1

1.13.0

1.12.2

1.12.1

1.12.0

1.11.1

1.11.0

1.10.7

1.10.6

1.10.5

1.10.4

1.10.3

1.10.2

1.10.1

1.10.0

1.9.1

1.9.0

1.8.3

1.8.2

1.8.1

1.8.0

1.7.4

1.7.3

1.7.2

1.7.1

1.7.0

1.6.3

1.6.2

1.6.1

1.6.0

1.5.3

1.5.2

1.5.1

1.5.0

1.4.5

1.4.4

1.4.3

1.4.2

1.4.1

1.4.0

1.3.5

1.3.4

1.2.2

1.3.3

1.3.2

1.3.1

1.3.0

1.2.1

1.2.0

1.2.0-rc2

1.2.0-rc1

1.1.7

1.1.6

1.1.5

1.1.4

1.1.3

1.1.2

1.1.1

1.1.0

1.0.1

1.0.0

0.9.5

0.9.4

0.9.3

0.9.2

0.9.1

0.9

0.8.8

0.8.7

0.8.6.1

0.8.6

0.8.5

0.8.4

0.8.3

0.8.3-rc1

0.8.2

0.8.1

0.8

0.8-rc2

0.8-rc1

0.7.2

0.7.1

0.7

0.6.1

0.6

0.5

0.3

0.2

0.1

Labels

Clear labels   

bug

  

bug

  

dependencies

  

design

  

documentation

  

duplicate

  

enhancement

  

enhancement

  

enhancement

  

feedback-needed

  

help-needed

  

help-needed

  

installer

  

invalid

  

looking-for-sponsors

  

modoboa-contacts

  

new-ui

  

new-ui

  

pr

  

pull-request

Mirrored from GitHub Pull Request

  

pyconfr

  

python

  

question

  

security

  

stale

  

webmail

  

wontfix

No labels

bug

bug

dependencies

design

documentation

duplicate

enhancement

enhancement

enhancement

feedback-needed

help-needed

help-needed

installer

invalid

looking-for-sponsors

modoboa-contacts

new-ui

new-ui

pr

pull-request

pyconfr

python

question

security

stale

webmail

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/modoboa-modoboa#756

No description provided.