Problem
When a user opens their profile page via the self-service portal, they initially receive the error message:
“2 error(s) occurred”
After that, the user is prompted to re-enter their username and password—even if they are already logged into the portal (regardless of whether authentication was done via SSO or direct login).
Once the credentials are entered again, the profile can be edited as expected.
Root Cause
This issue is caused by a known bug (see: https://forge.univention.org/bugzilla/show_bug.cgi?id=56418).
When accessing the self-service profile page while already authenticated (e.g., via SAML or OIDC), the system fails to process the request correctly and returns the following error:
2 error(s) occurred- Missing required arguments:
usernameandpassword
Log files (e.g., management-console-web-server.log and management-console-module-passwordreset.log) show that the backend command get_user_attributes_values fails due to missing authentication parameters.
The issue is related to the UCR variable:
umc/self-service/allow-authenticated-use
This variable controls whether already authenticated users can access self-service features without re-entering their credentials.
- Default value (since UCS 4.4-7):
true - Affected systems: value set to
false
When set to false, the system requires re-authentication, which currently triggers the described bug and results in the error message.
Solution
The issue is triggered by the UCR variable umc/self-service/allow-authenticated-use being set to false.
If your environment does not explicitly require users to re-enter their credentials when accessing their profile, the following workaround resolves the issue:
ucr set umc/self-service/allow-authenticated-use=true && systemctl restart univention-management-console-server.service
This change restores the default behavior, allowing already authenticated users to access the self-service profile without encountering the error.