I'm currently attempting to manually remove 2FA for my GitLab server's administrator account, since I've lost access to both my OTP app, and the recovery keys for the account.
There is only one account with administrator access.
According to this comment, the correct way to do this is to set otp_required_for_login to false for that user.
I have found my way into the database debug console (sudo gitlab-rails dbconsole; it's basically a wrapper for psql), and am now trying to actually change the value. However, I get a syntax error when running my query.
My query:
UPDATE "users"
SET "otp_required_for_login" = false
WHERE username = "gl_administrator";
The syntax error I get:
ERROR: syntax error at or near ""gl_administrator""
LINE 3: WHERE username = "gl_administrator";
^
You must use single-quotes when referencing a string literal.
So, your query would simply change to:
WHERE username = 'gl_administrator';
Related
During some testing I applied SID value 0x01050000000000051500000085E77E2F11C35F7307E53B2B531D0200 of a system account received from SUSER_SIDfunction to User Mapping of a certain Login object in SSMS. Now based on that I cannot get rid of it as I keep getting an error message Value was either too large or too small for a UInt64 no matter what I enter or erase. I would appreciate if somebody would know how to get rid of a certain User Mapping either via UI or code specially when I encountered such an error message, thank you
Your actions were:
Open login properties of some windows login
Changing the corresponding user for some database to sid (why on the erth did you map the login to the user named as sid???)
This corresponds to the following code:
alter user... with name = [0x01050000000000051500000085E77E2F11C35F7307E53B2B531D0200];
Now you want to do the inverse action, so you need to execute this code:
use CDR_MDS;
alter user [0x01050000000000051500000085E77E2F11C35F7307E53B2B531D0200] with name = NAME=[GROUP\gg ORG RAACO MS BI Team];
In Gforge, when a new user tries to log in; the user is automatically registered by fetching data from LDAP. It works fine for other users but one particular user is not able to log in and gets the error LDAP Authentication failed: Invalid Credentials . I don't understand what could be the issue? Could you please help?
This is the search function I am using.
ldap_bind($ldap, $dn, $pw)
$dn = ldap_get_dn($ldap, $entry);
$entry = ldap_first_entry($ldap,$res);
$res=ldap_search($ldap, $sys_ldap_base,$sys_ldap_id_attribute . '=' . $id,
array());
If it works for some users but not for one specific user, then it's something to do with the LDAP configuration, or with the characters in that user's ID or pwd.
Is the failing user in a different org/OU? Do they have accent characters in their username or password? These things can cause compatibility issues between GForge and the LDAP server.
Does this user have a much longer user name than other users? There is a GForge config setting called "usernameregex" that governs the complexity and length of allowed user names. Even though LDAP logins result in automatic account creation, the validation of the user's unix name might fail due to the regex in place. The error noted above could certainly be the catch-all message when this happens.
The default setting is "^[a-z0-9_.-]{3,15}$". You can change the upper length limit by changing the 15 to something else. The unix_name field in the GForge database is TEXT, so it can be extremely long (1GB?).
In GForge 6.3.x and earlier, you can find that setting in /etc/gforge/gforge.conf. Change the value and then update the system using:
cd /opt/gforge/bin && php create_config_cache.php
In GForge 6.4 and later, you can use the gf-config utility to set the value. It will take effect right away:
/opt/gforge/bin/gf-config set "usernameregex" "new regex value"
I have a database-project, created based on my existing database. It also added the scripts for creating users. One of those scripts is =>
CREATE USER [JOOS_NT\Indigo.Development] FOR LOGIN [JOOS_NT\Indigo.Dev.svc];
This script works fine on my database. But in my database-project this script is throwing an error when I build it. The error is:
"SQL70527: 'JOOS_NT\Indigo.Development' is not a valid name because it contains characters that are not valid."
It seems the "\" in the [JOOS_NT\Indigo.Development] is not allowed. However on the database itself I can run the query and it works fine. If I change it to [JOOS_NT/Indigo.Development] I don't get the error, but when comparing the scripts in the project to the existing database, it would drop the user ([JOOS_NT\Indigo.Development]) and replace it with ([JOOS_NT/Indigo.Development])
What am I missing?
Answering for someone who will look in the future.
On the database project, if a '\' character is included in the user name, the login should match the user name.
Because that, this don't work:
CREATE USER [JOOS_NT\Indigo.Development] FOR LOGIN [JOOS_NT\Indigo.Dev.svc];
But this will:
CREATE USER [JOOS_NT\Indigo.Development] FOR LOGIN [JOOS_NT\Indigo.Development];
Or
CREATE USER [JOOS_NT\Indigo.Dev.svc] FOR LOGIN [JOOS_NT\Indigo.Dev.svc];
I'm not sure if this is the expected behavior or a bug.
This is by design. The core issue is that in the "CREATE USER FOR LOGIN" based on a windows user login, if you are using a domain name for the user then this must match the login's domain name + login name. See this post on MSDN
I am trying to user openLDAP for the very first time. So I found this nice tutorial http://soswin-techbits.blogspot.com/2011/10/installing-openldap-on-windows-7.html. So i followed the instructions all the way to end. However, on the very last step I get an error. When i try to add a user to the group people I get this errpr "Unable to perform Modify Operation."
So after i do cn=user1 then in the Table Editor I type "surname" and hit submit then I get this error.
even when I tried to add a new directorey I get the same error.
Here is a detailed error.
javax.naming.OperationNotSupportedException: [LDAP: error code 53 - no global superior knowledge]; remaining name 'dc=Organization,dc=com'
What is wrong?
thanks
The server may not be configured to host a backend with the suffix dc=Organization,dc=com.
I need help with an issue during the database connection via JPA/Hibernate on hsqldb-2.2.8:
[AWT-EventQueue-0] ERROR org.hibernate.util.JDBCExceptionReporter - invalid authorization specification - not found: manasouza
I created some user (manasouza) with some password as:
CREATE USER manasouza PASSWORD 123 ADMIN
I'm using SQLWorkbench as my database visualizer, and with it I can log on normally.
Using JPA/Hibernate I already tried the username on uppercase and the password as '123' or as the value cryptographed showed on the PASSWORD_DIGEST column at SYSTEM_USERS database table, but had no success at all.
When you use CREATE USER manasouza PASSWORD 123 ADMIN, HSQLDB 2.2.8 throws an exception. Therefore you must have used a different password.
The user name is converted to all uppercase because it is not double quoted. For the password, you should use single quotes around the string. If you define the password without the single quotes, it must start with a letter and is converted to all uppercase. Therefore if you want the exact case, use CREATE USER "manasouza" PASSWORD '123' ADMIN