How-to/FAQ WIKI


#1

Welcome to the How-to/FAQ category! :smile:

Here you’ll find a selection of popular :bookmark_tabs: guides contributed by the community, as well as many :question: frequently asked questions to get you on your way with Nextcloud. To make it as simple as possible to get going, check out some popular FAQs, How-tos and external tutorials below :arrow_down:

FAQs


How-Tos


External guides


Contribute


This topic is a :pencil2: WIKI, editable by all users who’ve been here for a little while. Feel free to edit it to add a popular How-to or FAQ that new users to the community would find useful under the headings above :arrow_up: .

Written something :heart_eyes: amazing and want it moved to this category? Feel free to :flag_black: flag the topic as Something Else and add a few words to let the moderators know it’s a great contribution, the same goes for others’ answers to topics also. Someone will be in touch :heart:


How to organise nextclud for many users and groups with different permissions
Combing How-tos, FAQs and tips
Building up a Wiki
Building up a Wiki
Help Setting Up Cloud
Links to other how-to's
Reminder for some topics
pinned #2

#3

Requested FAQs/How-tos


Have a particular FAQ or How-to in mind you don’t feel has been covered yet? Edit this WIKI and pop it in the list below. Hopefully one of the talented writers in the community will put something together :heart:

  • FAQ Setting correct filesystem permissions
  • FAQ Why isn’t Nextcloud a good backup solution?
  • FAQ Is Nextcloud for home users or home experts?
  • HOWTO Backing up Nextcloud

Call for how-to/FAQ topics
#4

in respect to this point i think it would be nice having a howto do backups from your instance… like using rsnyc or such.


#5

Sure thing, though that’s the opposite of the proposed above. (Why not to use Nextcloud as a backup solution != How to backup Nextcloud)


#6

errr. correct.
but at least you mentioned “backup” :wink:
and i wouldn’t say it’s the opposite… just a different thing. a different aspect ^^


#7

New howto request:

HOWTO use SAML / SSO Plugin with Microsoft Federation-Services (ADFS)

i found a quite actual blog on

https://rephlex.de/blog/2018/04/05/how-to-connect-nextcloud-to-active-directory-using-ad-fs-without-losing-your-mind/

Since i think it’s quite a hasl to manage all needed steps by manual configuration i started to create a powershell script to fulfill all needed steps.

I managed do the followning steps

I. Microsoft Server

  1. install the needed SQL-Database (relying in Windows Integrated Database = WID)
    • take care, that you can use it a a Domain-Controller
    • handle to start the services in the correct queue
  2. install the ADFS Feature
  3. configure the ADFS instance
    • respect given certificates (LetsEncrpyt Cert for the Service, selfsigned Cert for signing and encryption)
    • respect given PSCredential (run the setup-script with proper rights)
    • respect given group-service account (assingned to the ADFS database)
  4. configure the nextcloud
    • respect given ADFS Party trust
    • respect given ADFS Claims and Rules)

the script was tested on 2012R2 and 2016 Servers

II) nextcloud

haven’t tested how to automate the integration of needed config settings (maybe via occ?). For now, you have to copy paste all parameters to the gui

  • configured on version 14 and version 15.0.2
  • install the official SAML / SSO plugin
  • Section: General
    o Allow use of multiples user back-ends !!
    o Attribute to map UID: sAMAccountName
    o optional display name: AD Federation Service
  • section: Identity Provider Data (IdP)
    o IdP entry: https://‘adfs-fqdn’/adfs/services/trust
    o URI for authentication request messages: https://‘adfs-fqdn’/adfs/ls/idpinitiatedsignon.aspx
    o Public x509 certifiacate of the IdP: (copy-pasted from saved cert in pem format)

It should be possibe to run the service on a custom port (adfs-fqdn:port) in contrast to default (443). I couldn’t make it work on 2012R2, even so you can adapt the ADFS port via comandlet and changing the listening url on the internal http-server (via netsh).

Anybody willing to improve? Comments and suggustions are quite welcome
I have uploaded an initial version at

Have also found a nice structured overview concerning trust relations at