From 2ec1ff2ebb02a06b6a3b4b8f4eefeba200e7cb1d Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@beryju.org>
Date: Tue, 24 Aug 2021 13:03:41 +0200
Subject: [PATCH] sources/ldap: fix error when modifying ldap source with
 password write-back

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
---
 authentik/sources/ldap/api.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/authentik/sources/ldap/api.py b/authentik/sources/ldap/api.py
index 22dfcb5727..e5391149a7 100644
--- a/authentik/sources/ldap/api.py
+++ b/authentik/sources/ldap/api.py
@@ -27,7 +27,10 @@ class LDAPSourceSerializer(SourceSerializer):
         """Check that only a single source has password_sync on"""
         sync_users_password = attrs.get("sync_users_password", True)
         if sync_users_password:
-            if LDAPSource.objects.filter(sync_users_password=True).exists():
+            filter = LDAPSource.objects.filter(sync_users_password=True)
+            if self.instance:
+                filter = filter.exclude(pk=self.instance.pk)
+            if filter.exists():
                 raise ValidationError(
                     "Only a single LDAP Source with password synchronization is allowed"
                 )