I have followed metabase documentation and was able to login via LDAP with user schema but now when I am trying to login as part of group ad, I am not able to do so.
PFB snippet for reference, where I have displayed my current configuration.
Below is the error, when I am trying to login as part of group member:
[4cdf3f7e-3837-4719-a7b7-67ba8e4582b3] 2023-02-10T09:35:20+04:00 INFO metabase.server.middleware.exceptions Request canceled before finishing.
[4cdf3f7e-3837-4719-a7b7-67ba8e4582b3] 2023-02-10T09:35:22+04:00 DEBUG metabase.server.middleware.log DELETE /api/session 204 3.3 ms (3 DB calls) App DB connections: 0/15 Jetty threads: 4/50 (1 idle, 0 queued) (99 total active threads) Queries in flight: 0 (0 queued)
[4cdf3f7e-3837-4719-a7b7-67ba8e4582b3] 2023-02-10T09:35:23+04:00 DEBUG **metabase.server.middleware.log GET /api/user/current 401 120.1 µs (0 DB calls) ** "Unauthenticated"
[4cdf3f7e-3837-4719-a7b7-67ba8e4582b3] 2023-02-10T09:35:23+04:00 DEBUG metabase.server.middleware.log GET /api/session/properties 200 6.3 ms (1 DB calls) App DB connections: 0/15 Jetty threads: 4/50 (1 idle, 0 queued) (99 total active threads) Queries in flight: 0 (0 queued)
[4cdf3f7e-3837-4719-a7b7-67ba8e4582b3] 2023-02-10T09:35:23+04:00 INFO metabase.server.middleware.exceptions Request canceled before finishing.
[4cdf3f7e-3837-4719-a7b7-67ba8e4582b3] 2023-02-10T09:35:25+04:00 INFO metabase.server.middleware.exceptions Request canceled before finishing.
[4cdf3f7e-3837-4719-a7b7-67ba8e4582b3] 2023-02-10T09:35:31+04:00 ERROR metabase.api.session Authentication endpoint error clojure.lang.ExceptionInfo: Password did not match stored password. {:status-code 401, :errors {:password "did not match stored password"}}
at metabase.api.session$do_http_401_on_error.invokeStatic(session.clj:156)
at metabase.api.session$do_http_401_on_error.invoke(session.clj:152)
at metabase.api.session$fn__81669.invokeStatic(session.clj:177)
at metabase.api.session$fn__81669.invoke(session.clj:164)
at compojure.core$wrap_response$fn__29313.invoke(core.clj:160)
basically when I am passing user filter with " (&(objectClass=user)(|(sAMAccountName={login})(mail={login}))) " this value I am able to login into metabase with AD creds but when I try to replace this with actual values from my AD then it is not allowing me to login.
error says, incorrect stored credentials.
Is there any reason why you're not sending us the troubleshooting information? (settings->admin->troubleshooting info) so we can have contextual information about your instance?
This issue is taking us more time than usual to tackle since building an LDAP environment and then reproducing takes time. Also please remember that we don't ensure ETA's on the forum, that's only for paid customers