Directory authentication initially succeeded, but no valid profile was found

The error message indicates that while the ldap binding was successful, when the plugin searched for your ldap user the ldap server responded with zero matches using the filter (in this case samAccountName=email.com).

Do you have multiple AD controllers?

When this occurs, I would suggest looking the user account up with Apache Directory Studio https://directory.apache.org/studio/ using the same information you are using in the plugin and verify the user’s information is present.

Thank you for the quick reply. We only use one external LDAP hostname. There are multiple AD controllers, yes, but this issue seems to be exclusive to wpdirauth. We use many different external systems that resolve users via LDAP settings using the same settings and those are not impacted by this issue. Unfortunately I cannot test using the apache directory studio using the users credentials because I only have the username, not the password and our policy will not allow me to get the password. I WAS able to configure directory studio to successfully connect using my domain credentials however, for whatever that is worth. Any additional suggestions are appreciated. Thanks!

Please disregard –

This issue has been solved. Turns out that the users email alias was not the same as their SAM Account name (email address contained a v- at the beginning). I was able to look her up in AD and used the correct SAM Account name to finally get her added. Thank you for your help.

AH! Glad you were able to figure it out.

If you ever come across other LDAP oddities, Directory Studios is a god-send. You don’t have to have the user’s credentials; just being able to look up a user’s properties in LDAP can help troubleshoot a ton of issues.