Is there any community here ? For homelab users ?
I have questions abd I’ve been here for week and there questions but no answers ? For Homelab, I can’t afford the support even the government pay me ?
I have a user who can create a account, who have to verify account, but doesn’t need to because then can login anway? But I look at bugilla, there are 1000s of bug reports. To me, it seems there is no support for homelab people.
Now what exactly is your question? I have UCS at home, my friends have UCS, @my parents is UCS running…
I’m going to verify this, but I had my friend signed up with self-service verification on, however, I ran into a E-Mail issue but he was still able to login. More precisely, he was able to login without verifying his E-Mail.
Under normal circumstances, it should not work without mail account verification.
What is the status in the user account under password recovery? There are values that are set by self-registration. What does it look like there?
According to the documentation, at least this should not work without changing the variables.
Sure, I’m not near the server atm and would have to get back to you on this. Thanks for being patient.
I apologize for the delay and I finally was able to sit down and look at this. Here’s a gif demonstrating the problem:
From the demonstration, the E-Mail is not verified but I can still login with that user account? If this isn’t normal circumstance, I’ll take another look at English version of the manual again. Although I do see there is a UCS update, and I’ll go ahead and apply that and do the test again.
Here’s another test:
Am I missing something?
I went over the manual again regarding E-Mail verification settings and I can’t seem to locate why this might be happening?
Going over the manual, I found:
The SSO login can be configured to deny login from unverified, self registered accounts. This is con-figured through the Univention Configuration Registry variable saml/idp/selfservice/check_e-mail_verification. This needs to be set on the domain controller master and all domain controllerbackups. The setting has no effect on accounts created by an administrator.The message on the SSO login page for unverified, self registered accounts, can be set with the Uni-vention Configuration Registry variables saml/idp/selfservice/account-verification/er-ror-title and saml/idp/selfservice/account-verification/error-descr. A local-ized message can be configured by adding a local to the variable. E.g. saml/idp/selfservice/ac-count-verification/error-title/en.
Seems this applies to ucs-sso, not portal login?
I resolve this by forcing users to login via SSO