Can't succeed setting ldap/ad integration

ℹ️ Support
1

Hi everyone

I am new to nextcloud with ldap/ad integration (I have used owncloud 9 without ldap/ad integration before). The nextcloud 12 was working fine after install. When I want to try ldap/ad integration. I can't let it work. 

Here is my step.

1. enable ldap/ad app
2. in ldap/ad integration page, input ad-server's ip and press detect-port button.
    auto detect port : 389
    so, I think the nextcloud can find the ad-server.
3. input 
    uid=[user name in ad],dc=[AD domain name],dc=[company domain name],dc=com,dc=tw
    password=[user password in ad]
    then press detect-base-dn button.
    result => base dn can't auto-detect
    
    so, I input base dn
    dc=[AD domain name],dc=[company domain name],dc=com,dc=tw
    then press test-base-dn button
    result => base-dn was wrong 

    I have also try this two ...
    dc=[company domain name],dc=com,dc=tw
    dc=com,dc=tw
    same result.

here is my system info. (two server)

samba ad server : 192.168.1.3
Operating system and version : Ubuntu Server 16.04.2
samba : 4.3.11
I am using samba built-in ldap server.

nextcloud server :192.168.1.11
Nextcloud version 12.0.0
Operating system and version : Ubuntu Server 16.04.2
Apache or nginx version : apache 2.4.18
PHP version : 7.0.18

The output of Nextcloud log in Admin > Logging:
Warning user_ldap Configuration Error (prefix s01): login filter does not contain %uid place holder. 2017-07-05T14:49:21+0800
Warning user_ldap Configuration Error (prefix s01): No LDAP Login Filter given! 2017-07-05T14:49:21+0800
Warning user_ldap Configuration Error (prefix s01): login filter does not contain %uid place holder. 2017-07-05T14:49:21+0800
Warning user_ldap Configuration Error (prefix s01): No LDAP Login Filter given! 2017-07-05T14:49:21+0800
Warning user_ldap Configuration Error (prefix s01): login filter does not contain %uid place holder. 2017-07-05T14:49:21+0800
Warning user_ldap Configuration Error (prefix s01): No LDAP Login Filter given! 2017-07-05T14:49:21+0800
Warning user_ldap Configuration Error (prefix s01): login filter does not contain %uid place holder. 2017-07-05T14:49:21+0800
Warning user_ldap Configuration Error (prefix s01): No LDAP Login Filter given! 2017-07-05T14:49:21+0800
Warning user_ldap Configuration Error (prefix s01): login filter does not contain %uid place holder. 2017-07-05T14:49:21+0800
Warning user_ldap Configuration Error (prefix s01): No LDAP Login Filter given! 2017-07-05T14:49:21+0800
Warning user_ldap Configuration Error (prefix s01): login filter does not contain %uid place holder. 2017-07-05T14:49:21+0800
Warning user_ldap Configuration Error (prefix s01): No LDAP Login Filter given! 2017-07-05T14:49:21+0800
Warning user_ldap Configuration Error (prefix s01): login filter does not contain %uid place holder. 2017-07-05T14:49:21+0800
Warning user_ldap Configuration Error (prefix s01): No LDAP Login Filter given! 2017-07-05T14:49:21+0800
… many same message repeat !!

I have also try to delete server entry and readd new entry … either disable ldap/ad app and reactive it. all same result …

any idea ? thanks.

2

Hi,

I have the same issue with Nextcloud 12.0.2 and Samba-AD (My samba AD version is 4.6.5 and it is on CentOS 7.3.

Same error message. The connections are not reaching the AD Server at all.

Looks like a bug in NextCloud??

Thanks & regards,
Ananth

3

You need to check which attributes are used in your AD. In my case, I checked the distinguishedName attribute in Active Directory, and it gives you the exact string you need to use for this input field, including OUs. For example, let’s say you have a domain called lincy.com.tw, under which you have an OU called adminUsers, and then inside that you have your ldap-search-user. Check the attributes on ldap-search-user to see if UID is even set (in my case I only have CN set for my ldap-search-user). That translates into:

CN=ldap-search-user,OU=adminUsers,DC=lincy,DC=com,DC=tw