Active Directory LDAPs

Hi there,

I am using Nextcloud now since the fork.
Some time ago I implemented LDAP to authenticate against my AD server - without TLS.
Everything worked fine.

Now I have moved on and enabled the TLS version (LDAPs) which is also working fine - in general.
I have imported my LDAP server certificate into my CentOS CA store + into Nextcloud's built-in CA store.

Problem: Sometimes Nextcloud seems to have difficulty connecting to my AD server:
OC\ServerNotAvailableException: Lost connection to LDAP server.
Sabre\DAV\Exception\ServiceUnavailable: OC\ServerNotAvailableException: Lost connection to LDAP server.

But as soon as the connection is established everything runs as usual.

I run three different Nextcloud servers - all three are linked to AD via LDAPs and all three have the same problem.
If I disable LDAPs and move back to unencrypted LDAP it works without any error.


Nextcloud version: 12.0.3
Operating system and version: CentOS 7
Apache or nginx version: 2.4.6
PHP version (eg, 5.6): 7.0
Is this the first time you’ve seen this error?: Yes

Can you reliably replicate it? (If so, please outline steps):
Enable LDAPs = Error

The output of your Nextcloud log in Admin > Logging:
OC\ServerNotAvailableException: Lost connection to LDAP server.
Sabre\DAV\Exception\ServiceUnavailable: OC\ServerNotAvailableException: Lost connection to LDAP server.

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):
CONFIG = array (
  'instanceid' => 'secret',
  'passwordsalt' => 'secret',
  'secret' => 'secret',
  'trusted_domains' =>
  array (
    0 => 'secret',
  ),
  'datadirectory' => '/mnt/cloud/nextcloud/',
  'overwrite.cli.url' => 'https://domain.tld/nextcloud',
  'dbtype' => 'mysql',
  'version' => '12.0.3.3',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'sqluser',
  'dbpassword' => 'secret',
  'logtimezone' => 'UTC',
  'installed' => true,
  'memcache.distributed' => '\OC\Memcache\Redis',
  'filelocking.enabled' => true,
  'memcache.locking' => '\OC\Memcache\Redis',
  'memcache.local' => '\OC\Memcache\Redis',
  'redis' =>
  array (
    'host' => 'localhost',
    'port' => 6379,
  ),
  'maintenance' => false,
  'mail_smtpmode' => 'php',
  'mail_domain' => 'domain.tld',
  'mail_from_address' => 'cloud',
  'updater.release.channel' => 'stable',
  'loglevel' => 2,
  'appstore.experimental.enabled' => true,
  'theme' => '',
  'asset-pipeline.enable' => true,
  'ldapIgnoreNamingRules' => false,
  'ldapProviderFactory' => '\OCA\User_LDAP\LDAPProviderFactory',
  'session_lifetime' => 300,
  'session_keepalive' => true,
);


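Because the failure only appears once LDAPs is enabled and goes away on plain LDAP, the TLS layer is the first thing to check. The script below is an added diagnostic example, not part of the post above and not Nextcloud's own tooling. It verifies the chain the domain controller presents against the CA bundle the PHP LDAP client ends up trusting, and then compares the fingerprint of the certificate that was imported with the leaf certificate the server actually serves. That second check matters because trusting the server's leaf certificate instead of the issuing CA stops working as soon as the DC's certificate is renewed, which looks like an intermittent "lost connection" from the application side. The hostname dc01.domain.tld, the bundle and anchor paths, the Nextcloud install path and the LDAP configuration ID "s01" are assumptions to replace with your own values.

```shell
# Added diagnostic, not part of the forum post: check an AD LDAPS endpoint the
# way Nextcloud's PHP LDAP client would have to trust it. The hostname
# "dc01.domain.tld" and all paths below are placeholders for your environment.

# Pure helper: return 0 if a captured "openssl s_client" transcript reports a
# clean chain verification, 1 otherwise. Kept separate so it can be checked
# without network access.
openssl_transcript_ok() {
    printf '%s\n' "$1" | grep -q 'Verify return code: 0 (ok)'
}

# Connect to HOST:PORT, trusting only CAFILE, and verify the presented chain.
# Returns 0 on success, 1 on verification failure, 2 on bad arguments.
ldaps_chain_verifies() {
    host="$1"; port="${2:-636}"; cafile="$3"
    [ -n "$host" ] && [ -r "$cafile" ] || {
        echo "usage: ldaps_chain_verifies HOST [PORT] CAFILE (CAFILE must be readable)" >&2
        return 2
    }
    transcript=$(openssl s_client -connect "$host:$port" -servername "$host" \
                 -CAfile "$cafile" </dev/null 2>&1)
    openssl_transcript_ok "$transcript"
}

# Compare the SHA-256 fingerprint of the certificate you imported with the
# leaf certificate the DC actually presents. If they differ, the imported file
# is not the certificate in use (for example after a renewal); the issuing CA
# certificate is what belongs in the trust stores, not the leaf.
# Returns 0 if they match, 1 if not, 2 on bad arguments.
imported_cert_matches_server() {
    host="$1"; port="${2:-636}"; certfile="$3"
    [ -n "$host" ] && [ -r "$certfile" ] || return 2
    local_fp=$(openssl x509 -in "$certfile" -noout -fingerprint -sha256)
    remote_fp=$(openssl s_client -connect "$host:$port" -servername "$host" </dev/null 2>/dev/null \
                | openssl x509 -noout -fingerprint -sha256)
    [ -n "$remote_fp" ] && [ "$local_fp" = "$remote_fp" ]
}

# Only run the live checks when a host is supplied via the environment, so the
# functions above can be sourced or tested without touching the network.
if [ -n "${LDAPS_HOST:-}" ]; then
    # CentOS 7 system bundle, regenerated by "update-ca-trust extract" (placeholder paths).
    SYSTEM_BUNDLE=/etc/pki/tls/certs/ca-bundle.crt
    IMPORTED_CERT="${IMPORTED_CERT:-/etc/pki/ca-trust/source/anchors/ad-ldaps.crt}"

    if ldaps_chain_verifies "$LDAPS_HOST" 636 "$SYSTEM_BUNDLE"; then
        echo "chain verifies against the system bundle"
    else
        echo "chain does NOT verify against the system bundle" >&2
    fi

    if imported_cert_matches_server "$LDAPS_HOST" 636 "$IMPORTED_CERT"; then
        echo "imported certificate is the one the server presents"
    else
        echo "imported certificate differs from the server's leaf certificate" >&2
    fi

    # Exercise the same path the application uses: an anonymous rootDSE read over
    # LDAPS with the same trust anchor, then Nextcloud's own configuration test
    # (install path and configuration ID "s01" are assumptions).
    LDAPTLS_CACERT="$SYSTEM_BUNDLE" ldapsearch -x -H "ldaps://$LDAPS_HOST" -s base -b '' namingContexts
    # sudo -u apache php /var/www/html/nextcloud/occ ldap:test-config s01
fi
```

Run it as `LDAPS_HOST=dc01.domain.tld sh ldaps-check.sh` on each of the three Nextcloud hosts; since all three show the same symptom, a chain that fails to verify on every host points at the trust anchor that was distributed rather than at one machine's setup. Repeat the check while the error is present, because a DC that answers with a different certificate after a renewal or on a different node behind the same name will verify on one attempt and not on the next.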