After testing with about 100 users I added another 500 and now all anyone gets is Internal Error 500. Logs show “SubscriptionError('No subscription for your client”. Did I miss something here? The logs show /validate/triggerchallenge returns OK, but /validate/check fails with the above-referenced error.
I made the user change by changing the resolver for the default realm and deleting all the existing tokens before running create_email_tokens.py, passing in the default realm with --realm. All tokens look to be successfully created.
I’ve created a realm and 2 LDAP resolvers with different filters. One with a group of 14 users, and another with a group of 687. I then ran the create_email_tokens.py on the realm with only the 14-user resolver enabled and it worked fine (using ‘–tokentype email’). Then I enabled the second resolver on the realm and ran the script again to create the remaining users (using the ‘–check-existing-tokentype email’ option), which it did. It was at that point that OwnCloud began returning HTTP 500 errors, and the Audit log started showing the SubscriptionError error. I’ve since them tried several things, including deleting all the active tokens, then removing and recreating the realm and LDAP resolvers. Same results.
Is using the LDAP resolver the same as LDAP-proxy that I’ve seen in other comments? If it’s a licensing issue, we’d be more than willing to consider the cost for the licensing. I just need to know whether or not using an LDAP resolver invokes the 50-token limit.
did you read the link I posted? “Plugins” are the client components, that gather around the privacyIDEA server. Plugins enable other applications to communicate with privacyIDEA.
The wording might be a bit confusing, since other venders use the word “apps”. I think the word “app” is very difficult, because everything today is an “app” and so it is hard to differentiate.
So your text contained only one relevant word: “ownCloud”.
ownCloud is connected to privacyIDEA via the “privacyIDEA ownCloud Plugin” or like owncloud likes to call it from their point of view the “privacyidea app”.
Read the above link again and you will understand.
The problem arises from using the privacyIDEA ownCloud Plugin/App. Read the above link again and you will see why. You have more than 50 users with a token.
You need to get a subscription for your privacyIDEA ownCloud Plugin if you want to use it with more than 50 users (which is explained well in the above mentioned link)
To learn more about the subscription, read here:
It looks like you have several challenges during the last days getting to run or configure privacyIDEA.
Note, that you can also get services and support at https://netknights.it. This way you will also not have to read to much documentation.
