Hello, this is my first post but I have been a lurker for a long time. I saw your thread and felt your pain as I had a very similar issue that I was able to work out through trial and error.
Based on your photo you are using for ldap? This is what worked for me so I hope it works for you:
• Trying pinging the ip address of your ldap server from your linux server, this is just to make sure you can see it, if you don’t get a ping back then double check your network settings. If you get a ping back then proceed to the following steps.
• First thing you should do is remove your server connections to ldap and then disable the app and start over.
• Once you re-enable the app just put in your server ip address to the “Host” line (if using ssl then put https://xxx.xxx.xxx.xxx) don’t put in the port number but instead click on “Detect Port” it may take a minute or 2 but if your network connections on your server are setup correctly it should fine your port automatically. If it finds your port then you are making progress, but if it doesn’t find your port check your network settings.
• Ensure you have the correct “User DN” path and that you have the correct user name, if the name has spaces ensure it looks identical to the ldap name.
• Enter the password you assigned the user; I would test you can logon with the user through a PC just to ensure you have the name and password correct. I know it sounds silly but just make sure.
• If you can logon to a computer on your domain with the User name and password you are suing for this application then the next step is to click the “Detect Base DN” button and see if it detects your DN. It should detect your DN if your above settings are correct. Then click on “Test Base DN” you will see a Red light or Green light indicating success or failure. Most times your Base DN will be the same ending of the User DN.
• You shouldn’t have to make any other changes to the other tabs, but they should look similar to this:
o Users Tab:
(&(|(objectclass=person)(objectclass=user))(|(|(memberof=CN=Cloud Group,OU=Group,DC=MyDomain,DC=int)(primaryGroupID=1230))))
o Login Attributes:
(&(&(|(objectclass=person)(objectclass=user)))(|(samaccountname=%uid)(|(mailPrimaryAddress=%uid)(mail=%uid))))
o Groups Tab:
Nothing in groups unless you created an LDAP group and put your users in there thus enabling Nextcloud access to select individuals.
o Advance Tab:
Directory Settings: Should be filled out automatically by the detection process on step one, but if not then fill it out with your settings.
o Expert Tab:
The only thing I did here was add “samaccountname” to the UUID Attribute for Users field. This makes it so your users name show up instead of their long numerical numbers.
Hit test Configuration to ensure everything works correctly.
Hope this Helps
~ wclang
