External SMB Updates & Access

ℹ️ Support
, , , ,
1

Nextcloud version (eg, 20.0.5): 27.1.5
Operating system and version (eg, Ubuntu 20.04): Debian 12 Docker 25.0.2
Apache or nginx version (eg, Apache 2.4.25): 2.4.58
PHP version (eg, 7.4): 8.1.27

The issue you are facing: External SMB storage does not allow downloading, and thus syncing with Nextcloud Desktop Client, when subfolder of share is entered in the remote subfolder field. Files will list in the Nextcloud web interface but throw a Sabre\DAV\Exception\ServiceUnavailable: Could not open file error when attempting to open or download.

This can be resolved by specifying the remote subfolder in the share field with a forward (/) slash, however, this causes the occ external_files:notify command to fail with a [Icewind\SMB\Exception\ConnectionRefusedException] error.

I’m using LDAP for Nextcloud user login, but I specify a domain account that has modify access to the root of the SMB share.

Is this the first time you’ve seen this error? (Y/N): Y

Steps to replicate it:

  1. Setup LDAP on Nextcloud with home path set to sAMAccountName.
  2. Setup External Storage SMB that points to Users share with $home for remote subfolder. Specify service account that has modify access to root share and subfolders.
  3. Connect to nextcloud-aio-nextcloud container as www-data and run occ files:scan --unscanned --all
  4. Attempt to download file from web interface.
  5. Second issue follows these same steps except /$home is appended to share instead of being entered in remote subfolder.

The output of your Nextcloud log in Admin > Logging:

{"reqId":"7oOuqqxl6xZppppUrshi","level":3,"time":"2024-02-05T17:43:15+00:00","remoteAddr":"172.26.0.1","user":"FF929935-663E-429E-AD1F-D9577C962D87","app":"webdav","method":"GET","url":"/remote.php/dav/files/FF929935-663E-429E-AD1F-D9577C962D87/U%20Drive/Desktop%20Sync/Desktop/What%20if%20I%20rename%20it.txt","message":"Could not open file","userAgent":"Mozilla/5.0 (Windows) mirall/3.11.1stable-Win64 (build 20240125) (Nextcloud, windows-10.0.19045 ClientArchitecture: x86_64 OsArchitecture: x86_64)","version":"27.1.5.1","exception":{"Exception":"Sabre\\DAV\\Exception\\ServiceUnavailable","Message":"Could not open file","Code":0,"Trace":[{"file":"/var/www/html/3rdparty/sabre/dav/lib/DAV/CorePlugin.php","line":85,"function":"get","class":"OCA\\DAV\\Connector\\Sabre\\File","type":"->","args":[]},{"file":"/var/www/html/3rdparty/sabre/event/lib/WildcardEmitterTrait.php","line":89,"function":"httpGet","class":"Sabre\\DAV\\CorePlugin","type":"->","args":[["Sabre\\HTTP\\Request"],["Sabre\\HTTP\\Response"]]},{"file":"/var/www/html/3rdparty/sabre/dav/lib/DAV/Server.php","line":472,"function":"emit","class":"Sabre\\DAV\\Server","type":"->","args":["method:GET",[["Sabre\\HTTP\\Request"],["Sabre\\HTTP\\Response"]]]},{"file":"/var/www/html/3rdparty/sabre/dav/lib/DAV/Server.php","line":253,"function":"invokeMethod","class":"Sabre\\DAV\\Server","type":"->","args":[["Sabre\\HTTP\\Request"],["Sabre\\HTTP\\Response"]]},{"file":"/var/www/html/3rdparty/sabre/dav/lib/DAV/Server.php","line":321,"function":"start","class":"Sabre\\DAV\\Server","type":"->","args":[]},{"file":"/var/www/html/apps/dav/lib/Server.php","line":365,"function":"exec","class":"Sabre\\DAV\\Server","type":"->","args":[]},{"file":"/var/www/html/apps/dav/appinfo/v2/remote.php","line":35,"function":"exec","class":"OCA\\DAV\\Server","type":"->","args":[]},{"file":"/var/www/html/remote.php","line":172,"args":["/var/www/html/apps/dav/appinfo/v2/remote.php"],"function":"require_once"}],"File":"/var/www/html/apps/dav/lib/Connector/Sabre/File.php","Line":498,"message":"Could not open file","exception":[],"CustomMessage":"Could not open file"},"id":"65c124933ba46"}

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

<?php
$CONFIG = array (
  'one-click-instance' => true,
  'one-click-instance.user-limit' => 100,
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'apps_paths' =>
  array (
    0 =>
    array (
      'path' => '/var/www/html/apps',
      'url' => '/apps',
      'writable' => false,
    ),
    1 =>
    array (
      'path' => '/var/www/html/custom_apps',
      'url' => '/custom_apps',
      'writable' => true,
    ),
  ),
  'appsallowlist' =>
  array (
  ),
  'check_data_directory_permissions' => false,
  'memcache.distributed' => '\\OC\\Memcache\\Redis',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'redis' =>
  array (
    'host' => 'nextcloud-aio-redis',
    'password' => *SENSITIVE-REMOVED*',
    'port' => 6379,
  ),
  'overwritehost' => *SENSITIVE-REMOVED*,
  'overwriteprotocol' => 'https',
  'passwordsalt' => *SENSITIVE-REMOVED*,
  'secret' => *SENSITIVE-REMOVED*,
  'trusted_domains' =>
  array (
    0 => 'localhost',
    1 => *SENSITIVE-REMOVED*,
  ),
  'datadirectory' => '/mnt/ncdata',
  'dbtype' => 'pgsql',
  'version' => '27.1.5.1',
  'overwrite.cli.url' => *SENSITIVE-REMOVED*,
  'dbname' => 'nextcloud_database',
  'dbhost' => 'nextcloud-aio-database',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'oc_nextcloud',
  'dbpassword' => *SENSITIVE-REMOVED*,
  'installed' => true,
  'instanceid' => *SENSITIVE-REMOVED*,
  'maintenance' => false,
  'loglevel' => '2',
  'log_type' => 'file',
  'logfile' => '/var/www/html/data/nextcloud.log',
  'log_rotate_size' => '10485760',
  'log.condition' =>
  array (
    'apps' =>
    array (
      0 => 'admin_audit',
    ),
  ),
  'preview_max_x' => '2048',
  'preview_max_y' => '2048',
  'jpeg_quality' => '60',
  'enabledPreviewProviders' =>
  array (
    1 => 'OC\\Preview\\Image',
    2 => 'OC\\Preview\\MarkDown',
    3 => 'OC\\Preview\\MP3',
    4 => 'OC\\Preview\\TXT',
    5 => 'OC\\Preview\\OpenDocument',
    6 => 'OC\\Preview\\Movie',
    7 => 'OC\\Preview\\Krita',
  ),
  'enable_previews' => true,
  'upgrade.disable-web' => true,
  'mail_smtpmode' => 'smtp',
  'trashbin_retention_obligation' => 'auto, 30',
  'versions_retention_obligation' => 'auto, 30',
  'activity_expire_days' => '30',
  'simpleSignUpLink.shown' => false,
  'share_folder' => '/Shared',
  'one-click-instance.link' => 'https://nextcloud.com/all-in-one/',
  'upgrade.cli-upgrade-link' => 'https://github.com/nextcloud/all-in-one/discussions/2726',
  'updatedirectory' => '/nc-updater',
  'allow_local_remote_servers' => true,
  'davstorage.request_timeout' => 3600,
  'htaccess.RewriteBase' => '/',
  'dbpersistent' => false,
  'files_external_allow_create_new_local' => false,
  'trusted_proxies' =>
  array (
    0 => '127.0.0.1',
    1 => '::1',
  ),
  'mail_from_address' => *SENSITIVE-REMOVED*,
  'mail_sendmailmode' => 'smtp',
  'mail_domain' => *SENSITIVE-REMOVED*,
  'mail_smtpauth' => 1,
  'mail_smtphost' => *SENSITIVE-REMOVED*,
  'mail_smtpport' => '587',
  'mail_smtpname' => *SENSITIVE-REMOVED*,
  'mail_smtppassword' => *SENSITIVE-REMOVED*,
  'ldapProviderFactory' => 'OCA\\User_LDAP\\LDAPProviderFactory',
);

The output of your Apache/nginx/system log in /var/log/____:

Nothing Relevant

Output errors in nextcloud.log in /var/www/ or as admin user in top right menu, filtering for errors. Use a pastebin service if necessary.

Unsure of location on docker install.
2

Managed to get a workaround working.

  1. Removed domain.example from SMB domain field.
  2. Removed $home from SMB remote subfolder field.
  3. Set SMB share field to be root share directory.
  4. Enabled SMB verify ACL access when listing files option.
  5. Set SMB authentication to User entered, store in database.
  6. Saved and went to the user’s files in the web interface and clicked on the external storage. (it was red at this point)
  7. Entered the user’s domain account in username@domain.example format and password.
  8. Ran occ files:scan --unscanned --all as www-data against nextcloud-aio-nextcloud container.
  9. Ran occ external_files:notify -v -u serviceaccount@domain.example -p serviceaccountpassword 1 as www-data against nextcloud-aid-nextcloud container.
  10. Made a change to a user’s file on the SMB share and verified that notify saw the change.
  11. Ran occ files:scan --unscanned --all as www-data against nextcloud-aio-nextcloud container.
  12. Confirmed desktop client synced the change.

Overall, I’m not thrilled I have to do it this way because password changes will break the sync, but it does now properly work. One thing to note for anyone who wants to set things up this way, be mindful of the password you use for the notification user. I found that symbols in passwords, especially !n, can cause the notify command to fail and it doesn’t respect quotes.

One additional benefit that I noticed, because I had to re-add the file sync on the desktop client, is that hidden files and folders are now properly being ignored. All that’s left on my end is to program the cron tasks on the docker host to execute the notify and file scan.

Hope this helps anyone stuck like I was.

3

One last update for anyone who finds this while working through an SMB setup. I’ve found that while the documentation says the system will scan for files every 15 minutes, the nextcould-aio doesn’t really do that.

As a result I created two scripts in the root directory of the nextcloud-aio-nextcloud container. The first script sleeps for 180 seconds and then runs the php occ files_external:notify -u username@domain.example -p passwordhere 1 command.

The next script also sleeps for 180 seconds and then executes a while true; do loop that runs the php occ files:scan --unscanned --all command and then sleeps for 30 seconds. I gave both of these script files the same 775 permissions and u+x like the other scripts in the / directory.

Finally I made a backup copy, edited the supervisord.conf file, and setup both of these as programs that run under www-data. I then made sure that the backup copy, my copy, and both script files were moved to a directory in one of the container volumes.

I then restarted all the containers using Portainer, but if you prefer you can use the command line. Running ps aux against the nextcloud-aio-nextcloud container confirmed that the scripts had been started and, after 180 seconds, the notify command was running.

Changes and new files made on the SMB side now properly sync down to my clients after 30 seconds and changes made on the clients sync to the SMB side instantly.

Hope this helps!

4

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.