starred/BookStack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2026-02-12 19:06:27 +03:00
Code Issues 784 Packages Projects Releases 10 Wiki Activity

Merging accounts internal account management and ldap not possible #1128

New Issue
Closed
opened 2026-02-04 23:52:54 +03:00 by OVERLORD · 4 comments
OVERLORD commented 2026-02-04 23:52:54 +03:00
Owner
Copy Link

Originally created by @JHenneberg on GitHub (Apr 5, 2019).

Hello,

we have bookstack running with the internal authentification system. Now we want to switch to ldap without loosing the "information" who created which chapter etc. I switch to ldap and tried to login (account information are the same on ldap and internal authentification) but he is telling me that there is allready someone registered with the same mail but different creds. How I can make sure the creds are correct or is this in general not working?

I was doing this in debug mode and for me its looks like only the email address is checked not the credentials.

if ($alreadyUser) {
                throw new AuthException(trans('errors.error_user_exists_different_creds', ['email' => $user->email]));
            }

v.0.25.0

Edit:
I was able to find out with the debugging tool and the help of the wiki, that I have to add
CN=<NAME> <SURNAME>,CN=Users,DC=rohr2,DC=de
as "External Authentication ID" to be able to merge or map the accounts. But doing this for every account is quite exhausting :) Is there noway to do this mapping automatically?

Originally created by @JHenneberg on GitHub (Apr 5, 2019). Hello, we have bookstack running with the internal authentification system. Now we want to switch to ldap without loosing the "information" who created which chapter etc. I switch to ldap and tried to login (account information are the same on ldap and internal authentification) but he is telling me that there is allready someone registered with the same mail but different creds. How I can make sure the creds are correct or is this in general not working? I was doing this in debug mode and for me its looks like only the email address is checked not the credentials. ```PHP if ($alreadyUser) { throw new AuthException(trans('errors.error_user_exists_different_creds', ['email' => $user->email])); } ``` v.0.25.0 Edit: I was able to find out with the debugging tool and the help of the wiki, that I have to add `CN=<NAME> <SURNAME>,CN=Users,DC=rohr2,DC=de` as "External Authentication ID" to be able to merge or map the accounts. But doing this for every account is quite exhausting :) Is there noway to do this mapping automatically?
OVERLORD added the 🐕 Support Question labels 2026-02-04 23:52:54 +03:00
OVERLORD commented 2026-02-04 23:53:02 +03:00
Author
Owner
Copy Link

@ssddanbrown commented on GitHub (Apr 5, 2019):

Hi @JHenneberg,
There's no way to automatically do this mapping right now, Ldap users in BookStack are always identified by UID followed by DN.

The fastest way to do your migration, if handling many users, would be to export a list of User DNs and emails from LDAP and format that directly to SQL queries to update the external auth ID field in the DB. The column to update is simply the external_auth_id column on the users table.

@ssddanbrown commented on GitHub (Apr 5, 2019): Hi @JHenneberg, There's no way to automatically do this mapping right now, Ldap users in BookStack are always identified by UID followed by DN. The fastest way to do your migration, if handling many users, would be to export a list of User DNs and emails from LDAP and format that directly to SQL queries to update the external auth ID field in the DB. The column to update is simply the `external_auth_id` column on the `users` table.
OVERLORD commented 2026-02-04 23:53:10 +03:00
Author
Owner
Copy Link

@JHenneberg commented on GitHub (Apr 8, 2019):

Ok I see. Thanks for the suggestion. I will give it a try.

@JHenneberg commented on GitHub (Apr 8, 2019): Ok I see. Thanks for the suggestion. I will give it a try.
OVERLORD commented 2026-02-04 23:53:17 +03:00
Author
Owner
Copy Link

@bsnuggs1 commented on GitHub (Oct 15, 2020):

I noticed the same problem when using the SAML integration for this. If you're using docker to setup bookstack, you can easily add adminer so you can get access to the database. Below is an example using the dockerhub's compose example.

docker-compose.yml:

---
version: "2"
services:
  bookstack:
    image: linuxserver/bookstack
    container_name: bookstack
    environment:
      - PUID=1000
      - PGID=1000
      - DB_HOST=bookstack_db
      - DB_USER=bookstack
      - DB_PASS=<yourdbpass>
      - DB_DATABASE=bookstackapp
    volumes:
      - /path/to/data:/config
    ports:
      - 6875:80
    restart: unless-stopped
    depends_on:
      - bookstack_db
  bookstack_db:
    image: linuxserver/mariadb
    container_name: bookstack_db
    environment:
      - PUID=1000
      - PGID=1000
      - MYSQL_ROOT_PASSWORD=<yourdbpass>
      - TZ=Europe/London
      - MYSQL_DATABASE=bookstackapp
      - MYSQL_USER=bookstack
      - MYSQL_PASSWORD=<yourdbpass>
    volumes:
      - /path/to/data:/config
    restart: unless-stopped
  adminer:
    image: adminer
    restart: "unless-stopped"
    environment:
      ADMINER_DEFAULT_SERVER: "bookstack_db"
    depends_on:
      - bookstack_db
    ports:
      - 6876:8080
@bsnuggs1 commented on GitHub (Oct 15, 2020): I noticed the same problem when using the SAML integration for this. If you're using docker to setup bookstack, you can easily add [adminer ](https://hub.docker.com/_/adminer) so you can get access to the database. Below is an example using the [dockerhub's compose](https://hub.docker.com/r/linuxserver/bookstack) example. docker-compose.yml: ``` --- version: "2" services: bookstack: image: linuxserver/bookstack container_name: bookstack environment: - PUID=1000 - PGID=1000 - DB_HOST=bookstack_db - DB_USER=bookstack - DB_PASS=<yourdbpass> - DB_DATABASE=bookstackapp volumes: - /path/to/data:/config ports: - 6875:80 restart: unless-stopped depends_on: - bookstack_db bookstack_db: image: linuxserver/mariadb container_name: bookstack_db environment: - PUID=1000 - PGID=1000 - MYSQL_ROOT_PASSWORD=<yourdbpass> - TZ=Europe/London - MYSQL_DATABASE=bookstackapp - MYSQL_USER=bookstack - MYSQL_PASSWORD=<yourdbpass> volumes: - /path/to/data:/config restart: unless-stopped adminer: image: adminer restart: "unless-stopped" environment: ADMINER_DEFAULT_SERVER: "bookstack_db" depends_on: - bookstack_db ports: - 6876:8080 ```
OVERLORD commented 2026-02-04 23:53:22 +03:00
Author
Owner
Copy Link

@ssddanbrown commented on GitHub (Feb 5, 2021):

Since the last comment on this issue is relatively old I'm going to close this. If the issue remains and is something you still require to be fixed please open a new issue, referencing this one.

@ssddanbrown commented on GitHub (Feb 5, 2021): Since the last comment on this issue is relatively old I'm going to close this. If the issue remains and is something you still require to be fixed please open a new issue, referencing this one.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
🎨 Design
📖 Docs Update
🐛 Bug
🐛 Bug
:cat2:🐈 Possible duplicate
💿 Database
Open to discussion
💻 Front-End
🐕 Support
🚪 Authentication
🌍 Translations
🔌 API Task
🏭 Back-End
Upstream
🔨 Feature Request
🛠️ Enhancement
🛠️ Enhancement
🛠️ Enhancement
❤️ Happy feedback
🔒 Security
🔍 Pending Validation
💆 UX
📝 WYSIWYG Editor
🌔 Out of scope
🔩 API Request
:octocat: Admin/Meta
🖌️ View Customization
Question
🚀 Priority
🛡️ Blocked
🚚 Export System
A11y
🔧 Maintenance
> Markdown Editor
pull-request
Mirrored from GitHub Pull Request
No Label 🐕 Support Question
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/BookStack#1128
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?