Active Directory Connection setup

ℹ️ Support
1
Support intro

Sorry to hear you’re facing problems :slightly_frowning_face:

help.nextcloud.com is for home/non-enterprise users. If you’re running a business, paid support can be accessed via portal.nextcloud.com where we can ensure your business keeps running smoothly.

In order to help you as quickly as possible, before clicking Create Topic please provide as much of the below as you can. Feel free to use a pastebin service for logs, otherwise either indent short log examples with four spaces:

example

Or for longer, use three backticks above and below the code snippet:

longer
example
here

Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can :heart:

Nextcloud version : 24.0.2
Operating system and version : Ubuntu 20.04.4 LTS
Apache or nginx version : nginx/1.20.2
PHP version : PHP 7.4.26

The issue you are facing: Cannot setup LDAP integration with Windows Server 2008 R2 Active Directory

Is this the first time you’ve seen this error? (Y/N):Yes

Steps to replicate it:

  1. I enter server address and push port detection
  2. Nothing happens at all
  3. Do not see any errors- port detection circle just round and round

The output of your Nextcloud log in Admin > Logging:

PASTE HERE

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

<?php
$CONFIG = array (
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'datadirectory' => '/data',
  'instanceid' => 'ocatzbgexl4i',
  'passwordsalt' => '',
  'secret' => '',
  'trusted_domains' => 
  array (
    0 => '192.168.90.3',
    1 => 'nextcloud.sportown-club.ru',
  ),
  'trusted_proxies' => 
  array (
    0 => 'traefik',
  ),
  'dbtype' => 'mysql',
  'version' => '24.0.2.1',
  'overwrite.cli.url' => 'https://192.168.90.3',
  'dbname' => 'nextcloud',
  'dbhost' => 'mariadb:3306',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'oc_admin',
  'dbpassword' => '',
  'installed' => true,
  'ldapProviderFactory' => 'OCA\\User_LDAP\\LDAPProviderFactory',
  'updater.release.channel' => 'stable',
  'updater.secret' => '',
  'maintenance' => false,
  'theme' => '',
  'loglevel' => 2,
);

The output of your Apache/nginx/system log in /var/log/____:


192.168.90.254 - - [22/Jun/2022:00:48:27 +0300] "POST /updater/index.php HTTP/1.1" 200 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36"
192.168.90.254 - - [22/Jun/2022:00:48:28 +0300] "POST /updater/index.php HTTP/1.1" 200 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36"
192.168.90.254 - - [22/Jun/2022:00:48:43 +0300] "POST /updater/index.php HTTP/1.1" 200 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36"
192.168.90.254 - - [22/Jun/2022:00:48:50 +0300] "POST /updater/index.php HTTP/1.1" 200 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36"
192.168.90.254 - - [22/Jun/2022:00:48:53 +0300] "POST /updater/index.php HTTP/1.1" 200 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36"
192.168.90.254 - - [22/Jun/2022:00:49:13 +0300] "POST /updater/index.php HTTP/1.1" 200 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36"
192.168.90.254 - - [22/Jun/2022:00:49:13 +0300] "POST /updater/index.php HTTP/1.1" 200 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36"
192.168.90.254 - - [22/Jun/2022:00:49:13 +0300] "POST /updater/index.php HTTP/1.1" 200 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36"
192.168.90.254 - - [22/Jun/2022:00:49:15 +0300] "POST /updater/index.php HTTP/1.1" 200 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36"
192.168.90.254 - - [22/Jun/2022:00:49:23 +0300] "POST /updater/index.php HTTP/1.1" 200 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36"
192.168.90.254 - - [22/Jun/2022:00:55:59 +0300] "POST /updater/index.php HTTP/1.1" 200 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36"
192.168.90.254 - - [22/Jun/2022:00:55:59 +0300] "POST /updater/index.php HTTP/1.1" 200 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36"
192.168.90.254 - - [22/Jun/2022:00:56:00 +0300] "GET / HTTP/1.1" 200 7902 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36"
192.168.90.254 - - [22/Jun/2022:00:56:01 +0300] "GET /core/img/background.png?v=2 HTTP/1.1" 200 9621 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36"
192.168.90.254 - - [22/Jun/2022:00:56:03 +0300] "GET /core/img/favicon.ico HTTP/1.1" 200 732 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36"
192.168.90.254 - - [22/Jun/2022:00:56:04 +0300] "GET /core/img/manifest.json HTTP/1.1" 200 251 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36"
192.168.90.254 - - [22/Jun/2022:00:56:04 +0300] "GET /core/img/favicon-touch.png HTTP/1.1" 200 4196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36"
192.168.90.254 - - [22/Jun/2022:00:57:14 +0300] "GET /core/ajax/update.php?requesttoken=MuS1O9cOIgxKuOONpAuJ7i%2BK1d5qxSvjAojfXJY6ChY%3D%3ASsv9UZJDVVswyYzE5UrKqx7km70n%2FUWUQceONKJPRXM%3D HTTP/1.1" 200 32136 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36"
192.168.90.254 - - [22/Jun/2022:01:08:06 +0300] "GET /csrftoken HTTP/1.1" 200 124 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36"
192.168.90.254 - - [22/Jun/2022:12:16:55 +0300] "GET /csrftoken HTTP/1.1" 200 122 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36"

PASTE HERE


Output errors in nextcloud.log in /var/www/ or as admin user in top right menu, filtering for errors. Use a pastebin service if necessary.

PASTE HERE

image
image1508×706 29.9 KB

2

That’s a very old version of Windows server.

The port is going to be one of:

  • 389 (LDAP)
  • 636 (LDAPS)
  • 3268 (global catalog)
  • 3369 (global catalog/SSL)

You should be able to use either 389 or 3268 provided the ports are listening and unblocked on your DC (verify this with a program like nmap or psping). The two SSL ports will only be listening if a certificate is installed on the server for it to use.

3

nmap showed

389/udp open|filtered ldap

Looks like something block port, however i do no want to use certificates -is it possible?

4

sa@stsrv:~$ nc -vz vfdc01.vaofit.loc 389
Connection to vfdc01.vaofit.loc 389 port [tcp/ldap] succeeded!

What else I need? Nextcloud is on the BareMetal server in the docker container