[HowTo] Using Jumpcloud LDAP on Nextcloud

Just to get it out right away I am a noob to most of this stuff. I have noticed a lack of info on how to get Nextcloud to work with the Jumpcloud LDAP service. After a few days of trying things and getting some very good support from jumpcloud I have finally got it working. Hopefully this is helpful.

This is what I am using.
Ubuntu 18.04
Nextcloud Snap
I used these instructions to get that running https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-nextcloud-on-ubuntu-18-04

Configure Samba support on your JumpCloud account. https://support.jumpcloud.com/customer/en/portal/articles/2873709-enabling-samba-support-with-jumpcloud-ldap
Make sure you enable Samba Authentication for you Jumpcloud groups.

  1. Login to your Nextcloud webgui

  2. Go to Apps and Enable Ldap/AD integration

  3. Go to settings and select the Ldap/AD integration tab. Within this tab change the following settings

  4. Server
    Host: ldap.jumpcloud.com
    select “Detect Port” Should be 389 or 636
    User DN: Copy and Paste the contents of “Samba Service Account Dn” from the Jumpcloud Ldap window
    Example: uid=YOURUSER,ou=Users,o=XXXXXXXXXXXXXXXXX,dc=jumpcloud,dc=com
    Base DN: Take the User DN without uid=YOURUSER and paste it here.
    Example: ou=Users,o=XXXXXXXXXXXXXXXXX,dc=jumpcloud,dc=com

  5. Users
    Select “↓ Edit LDAP Query”
    put this in the “Edit Ldap Query” box “(objectclass=*)”

  6. Loggin Attributes
    Select “↓ Edit LDAP Query”
    put this in the “Edit Ldap Query” box “(&(&(|(objectclass=inetOrgPerson)))(uid=%uid))”

  7. Groups
    Select “↓ Edit LDAP Query”
    put this in the “Edit Ldap Query” box “(&(|(objectclass=groupOfNames)))”

  8. Next click Advanced and click Directory Settings. Change these fields.
    User Display Name Field: uid
    Base User Tree: Same as “Base DN”
    Example: ou=Users,o=XXXXXXXXXXXXXXXXX,dc=jumpcloud,dc=com
    Base Group Tree:“Base DN”
    Example: ou=Users,o=XXXXXXXXXXXXXXXXX,dc=jumpcloud,dc=com
    Group-Member association: Member (AD)

After all this is done it should show configuration ok and your groups and users should populate.

2 Likes

Big time THANK YOU for this write up!

I currently am getting the green light (configuration ok) in the LDAP setup config area, but no users are populating. Screenshots here: https://nxtcld.cf/s/99KMy3yAF7PQcXB
(Pardon the cert, haven’t flipped over the proper lets encrypt yet).

-I literally copied what you had for the Edit LDAP Query fields, quotations and all. Is that correct, or should I have omitted the quotes?
-Samba was previously enabled in Jumpcloud and working for auth in FreeNAS
-Did you need to restart Nextcloud after configuring LDAP?
-My Nextcloud is in a FreeNAS jail, behind a firewall with ports 443 and 80 open, pointing to Nextcloud. Did you open any additional firewall ports?

Solved: Do NOT include quotes in the LDAP queries.

I can also get the users populated into NextCloud, but when I test the groups in the LDAP settings, it always returns 0. Is this expected? Thanks.