Problem
When using LDAP or SAML, a user may attempt to log in and be met with the message "A user with this username already exists". This means that a user with that username exists in the database and does not contain the same ID attribute as the user who is currently logging in. This is generally caused by a user who had a name change which caused their username or email address to change.
Solution
To investigate this, go to System Console > Authentication > LDAP, and see what you have configured for your ID Attribute. If this is blank, that means your ID attribute is set to use email addresses and someone with that email exists in the system already.
Identify the User
To see who this user is you can do one or both of the below:
- Go to System Console > User Management > Users, then search for the user's email address.
- Log into your Mattermost database and run the query
select * from Users where AuthData='usersemail@email.com';
Be sure to replace the email address in this query with the email in question.
If this is related to a change in the user's email address or username, then you can simply update the relevant field in the database to match the new value. From there, have the user log in again.
Additional Notes
If you do not have an ID Attribute set in your LDAP or SAML settings, you should consider setting this to a value that will not change for the user. Email, username, and other values that can change are not recommended. Setting this to a unique value can prevent issues like this from arising in the future.
If you have this set to a value that's not ideal right now, you can run an idmigrate to fix this.
Comments
Article is closed for comments.