Connecting to LDAP works, but doesn't log into Overleaf

[FJAConceicao]

We were not able to successfully configure the connection to our OpenLDAP 2.6.2 server. The OpenLDAP server only accepts TLS connections and we use Let's Encrypt certificate. Overleaf was installed using docker and we use portainer to manage our containers.

The following error message shows up in openldap's log when we try to login into Overleaf:

slapd[2667385]: conn=1000 fd=15 closed (TLS negotiation failure)

If I add the variable "NODE_TLS_REJECT_UNAUTHORIZED: 0" to Overleaf's stack then the first connection succeed according to the openldap's log:

fev 28 10:43:07 lynx.petrosoftdesign.com slapd[2667385]: conn=1039 fd=24 TLS established tls_ssf=256 ssf=256 tls_proto=TLSv1.3 tls_cipher=TLS_AES_256_GCM_SHA384
fev 28 10:43:07 lynx.petrosoftdesign.com slapd[2667385]: conn=1039 op=0 BIND dn="cn=Lamarque V. Souza,ou=people,dc=petrosoftdesign,dc=com" method=128
fev 28 10:43:07 lynx.petrosoftdesign.com slapd[2667385]: conn=1039 op=0 BIND dn="cn=Lamarque V. Souza,ou=people,dc=petrosoftdesign,dc=com" mech=SIMPLE bind_ssf=0 ssf=256
fev 28 10:43:07 lynx.petrosoftdesign.com slapd[2667385]: conn=1039 op=0 RESULT tag=97 err=0 qtime=0.000006 etime=0.000047 text=
fev 28 10:43:07 lynx.petrosoftdesign.com slapd[2667385]: conn=1039 op=1 UNBIND
fev 28 10:43:07 lynx.petrosoftdesign.com slapd[2667385]: conn=1039 fd=24 closed

but I still cannot log in.

PS: ALLOW_EMAIL_LOGIN is set to 'true' in Overleaf's stack.

[smhaller]

Can you post the output of docker logs ldap-overleaf instance? And the logs from sharelatex within the sharelatex docker container e.g. content of the /var/log/sharelatex/web.log...

[FJAConceicao]

I have just figure out the problem only happens when the user has more than one email. I will close this issue as duplicate of #22 .