LDAP issue, all the sharing links unreachable

AxelTwin1 · January 25, 2024, 7:08pm

Support intro

Sorry to hear you’re facing problems

help.nextcloud.com is for home/non-enterprise users. If you’re running a business, paid support can be accessed via portal.nextcloud.com where we can ensure your business keeps running smoothly.

In order to help you as quickly as possible, before clicking Create Topic please provide as much of the below as you can. Feel free to use a pastebin service for logs, otherwise either indent short log examples with four spaces:

example

Or for longer, use three backticks above and below the code snippet:

longer
example
here

Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can

Nextcloud version (eg, 20.0.5): 27.1
Operating system and version (eg, Ubuntu 20.04): Ubuntu 22.04.3 LTS
Apache or nginx version (eg, Apache 2.4.25): Apache/2.4.52
PHP version (eg, 7.4): 8.2

The issue you are facing:

since I made some modification on my domain, I lost all my sharing links.
and I get the message “no DN found” in the logs

For example, if I try to acces the link:
https://portail.eec31.com/s/KFxJq2BEkEf9nJB

I generate the following log:

root@nextcloud:~# tail -f /var/www/nextcloud/data/nextcloud.log | grep KFxJq2BEkEf9nJB {“reqId”:“Mphc55KSWN0NWpTVpzPn”,“level”:0,“time”:“2024-01-25T19:35:04+01:00”,“remoteAddr”:“192.168.1.1”,“user”:“sam”,“app”:“user_ldap”,“method”:“GET”,“url”:“/s/KFxJq2BEkEf9nJB”,“message”:“Calling LDAP function ldap_explode_dn with parameters ["KFxJq2BEkEf9nJB",0]”,“userAgent”:“Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0”,“version”:“27.1.3.2”,“data”:{“app”:“user_ldap”}} {“reqId”:“Mphc55KSWN0NWpTVpzPn”,“level”:0,“time”:“2024-01-25T19:35:04+01:00”,“remoteAddr”:“192.168.1.1”,“user”:“sam”,“app”:“user_ldap”,“method”:“GET”,“url”:“/s/KFxJq2BEkEf9nJB”,“message”:“No DN found for KFxJq2BEkEf9nJB on ldap://addc1-2k19.eec31.local”,“userAgent”:“Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0”,“version”:“27.1.3.2”,“data”:{“app”:“user_ldap”}}<\code>


Is this the first time you’ve seen this error? (Y/N): Y
The output of your Nextcloud log in Admin > Logging:
Erreur	internet_connection_check	GuzzleHttp\Exception\ConnectException: cURL error 28: Failed to connect to www.startpage.com port 80 after 22501 ms: Connection timed out (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for http://www.startpage.com/	
2024-01-25T19:42:53+0100
Erreur	internet_connection_check	GuzzleHttp\Exception\ConnectException: cURL error 28: Failed to connect to www.nextcloud.com port 80 after 15202 ms: Connection timed out (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for http://www.nextcloud.com/	
2024-01-25T19:42:30+0100
Erreur	internet_connection_check	GuzzleHttp\Exception\ConnectException: cURL error 28: Connection timed out after 30001 milliseconds (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for http://www.edri.org/	
2024-01-25T19:11:21+0100
Erreur	PHP	ldap_bind(): Unable to bind to server: Can't contact LDAP server at /var/www/nextcloud/apps/user_ldap/lib/LDAP.php#307	
2024-01-25T19:11:18+0100
Erreur	PHP	ldap_bind(): Unable to bind to server: Can't contact LDAP server at /var/www/nextcloud/apps/user_ldap/lib/LDAP.php#307	
2024-01-25T19:11:18+0100
Erreur	PHP	ldap_bind(): Unable to bind to server: Can't contact LDAP server at /var/www/nextcloud/apps/user_ldap/lib/LDAP.php#307	
2024-01-25T19:11:18+0100
Erreur	PHP	ldap_bind(): Unable to bind to server: Can't contact LDAP server at /var/www/nextcloud/apps/user_ldap/lib/LDAP.php#307	
2024-01-25T19:11:18+0100
Erreur	PHP	ldap_bind(): Unable to bind to server: Can't contact LDAP server at /var/www/nextcloud/apps/user_ldap/lib/LDAP.php#307	
2024-01-25T19:11:18+0100


The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):
root@nextcloud:~# cat /var/www/nextcloud/config/config.php
<?php
$CONFIG = array (
  'instanceid' => 'gloups',
  'passwordsalt' => 'gloups',
  'secret' => 'gloups',
  'trusted_domains' => 
  array (
    0 => 'x;x;x;x',
  ),
  'datadirectory' => '/var/www/nextcloud/data',
  'dbtype' => 'mysql',
  'version' => '27.1.3.2',
  'overwrite.cli.url' => '',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'gloups',
  'dbpassword' => 'gloups',
  'installed' => true,
  'activity_expire_days' => 14,
  'auth.bruteforce.protection.enabled' => 'false',
  'blacklisted_files' => 
  array (
    0 => '.htaccess',
    1 => 'Thumbs.db',
    2 => 'thumbs.db',
  ),
  'cron_log' => true,
  'enable_previews' => true,
  'enabledPreviewProviders' => 
  array (
    0 => 'OC\\Preview\\PNG',
    1 => 'OC\\Preview\\JPEG',
    2 => 'OC\\Preview\\GIF',
    3 => 'OC\\Preview\\BMP',
    4 => 'OC\\Preview\\XBitmap',
    5 => 'OC\\Preview\\Movie',
    6 => 'OC\\Preview\\PDF',
    7 => 'OC\\Preview\\MP3',
    8 => 'OC\\Preview\\TXT',
    9 => 'OC\\Preview\\MarkDown',
  ),
  'filesystem_check_changes' => 0,
  'filelocking.enabled' => 'true',
  'htaccess.RewriteBase' => '/',
  'integrity.check.disabled' => false,
  'knowledgebaseenabled' => false,
  'logfile' => '/var/www/nextcloud/data/nextcloud.log',
  'loglevel' => 0,
  'logtimezone' => 'Europe/Paris',
  'log_rotate_size' => 104857600,
  'maintenance' => false,
  'memcache.local' => '\\OC\\Memcache\\Redis',
  'memcache.distributed' => '\\OC\\Memcache\\Redis',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'redis' => 
  array (
    'host' => '/var/run/redis/redis-server.sock',
    'port' => '0',
    'timeout' => '0.0',
    'dbindex' => 0,
  ),
  'overwriteprotocol' => 'https',
  'preview_max_x' => 1024,
  'preview_max_y' => 768,
  'preview_max_scale_factor' => 1,
  'quota_include_external_storage' => false,
  'share_folder' => '/PARTAGES',
  'skeletondirectory' => '',
  'theme' => '',
  'default_phone_region' => 'FR',
  'trashbin_retention_obligation' => 'auto, 7',
  'updater.release.channel' => 'stable',
  'ldapIgnoreNamingRules' => false,
  'mail_smtpmode' => 'sendmail',
  'mail_sendmailmode' => 'smtp',
  'mail_from_address' => 'portail',
  'mail_domain' => 'eec31.com',
  'app_install_overwrite' => 
  array (
    0 => 'calendar',
    1 => 'mail',
    2 => 'ransomware_protection',
    3 => 'spreed',
    4 => 'apporder',
    5 => 'auto_mail_accounts',
    6 => 'sharerenamer',
  ),
  'mail_smtpauthtype' => 'gloups',
  'mail_smtphost' => 'gloups',
  'mail_smtpport' => '465',
  'mysql.utf8mb4' => true,
  'mail_smtpsecure' => 'ssl',
  'mail_smtpauth' => 1,
  'mail_smtpname' => 'gloups',
  'mail_smtppassword' => 'gloups',
  'ldapProviderFactory' => 'OCA\\User_LDAP\\LDAPProviderFactory',

The output of your Apache/nginx/system log in /var/log/____:
root@nextcloud:~# at /var/log/apache2/error.log
Command 'at' not found, but can be installed with:
apt install at
root@nextcloud:~# at /var/log/apache2/error.log
Command 'at' not found, but can be installed with:
apt install at
root@nextcloud:~# cat /var/log/apache2/error.log
[Thu Jan 25 00:00:01.769884 2024] [ssl:warn] [pid 174] AH01909: nextcloud.eec31.local:443:0 server certificate does NOT include an ID which matches the server name
[Thu Jan 25 00:00:01.781538 2024] [mpm_prefork:notice] [pid 174] AH00163: Apache/2.4.52 (Ubuntu) OpenSSL/3.0.2 configured -- resuming normal operations
[Thu Jan 25 00:00:01.781557 2024] [core:notice] [pid 174] AH00094: Command line: '/usr/sbin/apache2'
dlopen(): error loading libfuse.so.2

AppImages require FUSE to run. 
You might still be able to extract the contents of this AppImage 
if you run it with the --appimage-extract option. 
See https://github.com/AppImage/AppImageKit/wiki/FUSE 
for more information

Logging at warning level to file: /tmp/coolwsd.7Q5MB3jCWV/coolwsd.log
Security: coolforkit incorrect user-name, other than 'cool'
Init vcl
preload: xsec_xmlsec merged ucpchelp1 wpftwriter wpftcalc wpftimpress wpftdraw writerfilter msforms ucppkg1 ucpcmis1 cached1 vbaswobj swd sw ucpdav1 smd sm pdfimport PresentationMinimizer sd scriptframe protocolhandler dlgprov date analysis vbaobj scfilt scd xmlsecurity sc expwrap oox LanguageTool ldapbe2 pcr storagefd log chartcore pdffilter migrationoo3 deploymentgui scn cui sdbt mozbootstrap bootstrap flat io animcore svgfilter embobj t602filter dbaxml stocservices chartcontroller namingservice cairocanvas invocadapt introspection migrationoo2 dbpool2 binaryurp mysql_jdbc pricing proxyfac calc invocation dba uuresolver solver reflection writer textconversiondlgs hwp msword graphicfilter emboleobj sdd slideshow dbase bib
Disabled: ucpftp1 rptxml rptui rpt dbp abp sdbc2 cmdmail PresenterScreen dbu odbc 
Allowlisted languages: de_DE el en_GB en_US es_ES fr_FR hu it nl pt_BR pt_PT ru 
Preloading dictionaries: de-DE en-US fr-FR it-IT nl-NL pt-BR ru-RU en-GB nl-BE pt-PT es-ES 
Preloading thesauri: de-DE en-US fr-FR it-IT nl-NL pt-BR ru-RU en-GB nl-BE pt-PT es-ES 
Preload icons
Preload short cut accelerators
Preload languages
Preload fonts
Fontconfig error: No writable cache directories
Fontconfig error: No writable cache directories
Preload config
Ready to accept connections on port 9983.

[Thu Jan 25 15:19:11.364123 2024] [php:notice] [pid 7757] [client 192.168.1.1:3856] richdocumentscode (proxy.php) error exit, PID: 7757, Message: The param should be 'status' or 'req=...', but is: 'ui_theme=light'
[Thu Jan 25 15:20:52.909706 2024] [php:notice] [pid 7564] [client 192.168.1.1:38410] richdocumentscode (proxy.php) error exit, PID: 7564, Message: The param should be 'status' or 'req=...', but is: 'ui_theme=light'
[Thu Jan 25 15:20:54.277916 2024] [php:notice] [pid 7755] [client 192.168.1.1:38789] richdocumentscode (proxy.php) error exit, PID: 7755, Message: The param should be 'status' or 'req=...', but is: 'ui_theme=light'
[Thu Jan 25 15:20:55.584950 2024] [php:notice] [pid 7755] [client 192.168.1.1:38789] richdocumentscode (proxy.php) error exit, PID: 7755, Message: The param should be 'status' or 'req=...', but is: 'ui_theme=light'
[Thu Jan 25 15:20:56.883122 2024] [php:notice] [pid 7578] [client 192.168.1.1:22613] richdocumentscode (proxy.php) error exit, PID: 7578, Message: The param should be 'status' or 'req=...', but is: 'ui_theme=light'
[Thu Jan 25 18:09:18.978474 2024] [access_compat:error] [pid 8626] [client 192.168.1.1:32969] AH01797: client denied by server configuration: /var/www/nextcloud/data/.ocdata
[Thu Jan 25 18:09:28.753014 2024] [access_compat:error] [pid 8816] [client 192.168.1.1:1701] AH01797: client denied by server configuration: /var/www/nextcloud/data/.ocdata
[Thu Jan 25 18:30:57.008977 2024] [ssl:warn] [pid 138] AH01909: nextcloud.eec31.local:443:0 server certificate does NOT include an ID which matches the server name
[Thu Jan 25 18:30:57.202634 2024] [ssl:warn] [pid 155] AH01909: nextcloud.eec31.local:443:0 server certificate does NOT include an ID which matches the server name
[Thu Jan 25 18:30:57.220793 2024] [mpm_prefork:notice] [pid 155] AH00163: Apache/2.4.52 (Ubuntu) OpenSSL/3.0.2 configured -- resuming normal operations
[Thu Jan 25 18:30:57.220817 2024] [core:notice] [pid 155] AH00094: Command line: '/usr/sbin/apache2'
[Thu Jan 25 18:42:15.376570 2024] [access_compat:error] [pid 735] [client 192.168.1.1:62928] AH01797: client denied by server configuration: /var/www/nextcloud/data/.ocdata

PASTE HERE

er_ldap/ajax/wizard.php","message":"Calling LDAP function ldap_set_option with parameters [{},20485,4]","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"CQjRHzJbYJZMXIqEmfFS","level":0,"time":"2024-01-25T19:43:40+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"POST","url":"/apps/user_ldap/ajax/wizard.php","message":"Calling LDAP function ldap_bind with parameters [{},\"cn=administrateur,cn=users,dc=eec31,dc=local\",\"***REMOVED SENSITIVE VALUE***\"]","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"CQjRHzJbYJZMXIqEmfFS","level":0,"time":"2024-01-25T19:43:40+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"POST","url":"/apps/user_ldap/ajax/wizard.php","message":"Calling LDAP function ldap_connect with parameters [\"ldap:\\/\\/addc1-2k19.eec31.local:389\"]","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"CQjRHzJbYJZMXIqEmfFS","level":0,"time":"2024-01-25T19:43:40+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"POST","url":"/apps/user_ldap/ajax/wizard.php","message":"Calling LDAP function ldap_set_option with parameters [{},17,3]","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"CQjRHzJbYJZMXIqEmfFS","level":0,"time":"2024-01-25T19:43:40+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"POST","url":"/apps/user_ldap/ajax/wizard.php","message":"Calling LDAP function ldap_set_option with parameters [{},8,0]","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"CQjRHzJbYJZMXIqEmfFS","level":0,"time":"2024-01-25T19:43:40+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"POST","url":"/apps/user_ldap/ajax/wizard.php","message":"Calling LDAP function ldap_set_option with parameters [{},20485,\"15\"]","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"CQjRHzJbYJZMXIqEmfFS","level":0,"time":"2024-01-25T19:43:40+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"POST","url":"/apps/user_ldap/ajax/wizard.php","message":"Calling LDAP function ldap_bind with parameters [{},\"cn=administrateur,cn=users,dc=eec31,dc=local\",\"***REMOVED SENSITIVE VALUE***\"]","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"CQjRHzJbYJZMXIqEmfFS","level":0,"time":"2024-01-25T19:43:40+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"POST","url":"/apps/user_ldap/ajax/wizard.php","message":"initializing paged search for filter (&(|(objectclass=posixGroup)(objectclass=group)(objectclass=zimbraDistributionList)(objectclass=groupOfNames)(objectclass=groupOfUniqueNames))(cn=*)), base dc=eec31,dc=local, attr [\"cn\",\"dn\"], pageSize 400, offset 0","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"CQjRHzJbYJZMXIqEmfFS","level":0,"time":"2024-01-25T19:43:40+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"POST","url":"/apps/user_ldap/ajax/wizard.php","message":"Ready for a paged search","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"CQjRHzJbYJZMXIqEmfFS","level":0,"time":"2024-01-25T19:43:40+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"POST","url":"/apps/user_ldap/ajax/wizard.php","message":"Calling LDAP function ldap_search with parameters [{},\"dc=eec31,dc=local\",\"(&(|(objectclass=posixGroup)(objectclass=group)(objectclass=zimbraDistributionList)(objectclass=groupOfNames)(objectclass=groupOfUniqueNames))(cn=*))\",[\"cn\",\"dn\"],0,0,-1,0,[{\"oid\":\"1.2.840.113556.1.4.319\",\"value\":{\"size\":400,\"cookie\":\"\"},\"iscritical\":false}]]","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"CQjRHzJbYJZMXIqEmfFS","level":0,"time":"2024-01-25T19:43:40+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"POST","url":"/apps/user_ldap/ajax/wizard.php","message":"Calling LDAP function ldap_errno with parameters [{}]","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"CQjRHzJbYJZMXIqEmfFS","level":0,"time":"2024-01-25T19:43:40+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"POST","url":"/apps/user_ldap/ajax/wizard.php","message":"Calling LDAP function ldap_get_entries with parameters [{},{}]","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"CQjRHzJbYJZMXIqEmfFS","level":0,"time":"2024-01-25T19:43:40+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"POST","url":"/apps/user_ldap/ajax/wizard.php","message":"Calling LDAP function ldap_parse_result with parameters [{},{}]","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"CQjRHzJbYJZMXIqEmfFS","level":0,"time":"2024-01-25T19:43:40+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"POST","url":"/apps/user_ldap/ajax/wizard.php","message":"Count filter: memberOf=*","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"CQjRHzJbYJZMXIqEmfFS","level":0,"time":"2024-01-25T19:43:40+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"POST","url":"/apps/user_ldap/ajax/wizard.php","message":"initializing paged search for filter memberOf=*, base dc=eec31,dc=local, attr [\"memberOf\"], pageSize 1, offset 0","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"CQjRHzJbYJZMXIqEmfFS","level":0,"time":"2024-01-25T19:43:40+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"POST","url":"/apps/user_ldap/ajax/wizard.php","message":"Ready for a paged search","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"CQjRHzJbYJZMXIqEmfFS","level":0,"time":"2024-01-25T19:43:40+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"POST","url":"/apps/user_ldap/ajax/wizard.php","message":"Calling LDAP function ldap_search with parameters [{},\"dc=eec31,dc=local\",\"memberOf=*\",[\"memberOf\"],0,0,-1,0,[{\"oid\":\"1.2.840.113556.1.4.319\",\"value\":{\"size\":1,\"cookie\":\"\"},\"iscritical\":false}]]","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"CQjRHzJbYJZMXIqEmfFS","level":0,"time":"2024-01-25T19:43:40+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"POST","url":"/apps/user_ldap/ajax/wizard.php","message":"Calling LDAP function ldap_errno with parameters [{}]","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"CQjRHzJbYJZMXIqEmfFS","level":0,"time":"2024-01-25T19:43:40+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"POST","url":"/apps/user_ldap/ajax/wizard.php","message":"Calling LDAP function ldap_count_entries with parameters [{},{}]","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"CQjRHzJbYJZMXIqEmfFS","level":0,"time":"2024-01-25T19:43:40+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"POST","url":"/apps/user_ldap/ajax/wizard.php","message":"Calling LDAP function ldap_parse_result with parameters [{},{}]","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"CQjRHzJbYJZMXIqEmfFS","level":0,"time":"2024-01-25T19:43:40+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"POST","url":"/apps/user_ldap/ajax/wizard.php","message":"Calling LDAP function ldap_unbind with parameters [{}]","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"tCrTGLVbSwYVYftAWUiq","level":0,"time":"2024-01-25T19:50:02+01:00","remoteAddr":"","user":"--","app":"user_ldap","method":"","url":"--","message":"Calling LDAP function ldap_explode_dn with parameters [\"FC8CAAC3-D539-42A5-A81C-3FBB7FB064B6\",0]","userAgent":"--","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"tCrTGLVbSwYVYftAWUiq","level":0,"time":"2024-01-25T19:50:02+01:00","remoteAddr":"","user":"--","app":"user_ldap","method":"","url":"--","message":"Calling LDAP function ldap_connect with parameters [\"ldap:\\/\\/addc1-2k19.eec31.local:389\"]","userAgent":"--","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"tCrTGLVbSwYVYftAWUiq","level":0,"time":"2024-01-25T19:50:02+01:00","remoteAddr":"","user":"--","app":"user_ldap","method":"","url":"--","message":"Calling LDAP function ldap_set_option with parameters [{},17,3]","userAgent":"--","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"tCrTGLVbSwYVYftAWUiq","level":0,"time":"2024-01-25T19:50:02+01:00","remoteAddr":"","user":"--","app":"user_ldap","method":"","url":"--","message":"Calling LDAP function ldap_set_option with parameters [{},8,0]","userAgent":"--","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"tCrTGLVbSwYVYftAWUiq","level":0,"time":"2024-01-25T19:50:02+01:00","remoteAddr":"","user":"--","app":"user_ldap","method":"","url":"--","message":"Calling LDAP function ldap_set_option with parameters [{},20485,\"15\"]","userAgent":"--","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"tCrTGLVbSwYVYftAWUiq","level":0,"time":"2024-01-25T19:50:02+01:00","remoteAddr":"","user":"--","app":"user_ldap","method":"","url":"--","message":"Calling LDAP function ldap_bind with parameters [{},\"cn=administrateur,cn=users,dc=eec31,dc=local\",\"***REMOVED SENSITIVE VALUE***\"]","userAgent":"--","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"tCrTGLVbSwYVYftAWUiq","level":0,"time":"2024-01-25T19:50:02+01:00","remoteAddr":"","user":"--","app":"user_ldap","method":"","url":"--","message":"Calling LDAP function ldap_read with parameters [{},\"cn=maud philippon,ou=utilisateurs,dc=eec31,dc=local\",\"(&(|(objectclass=user))(|(|(memberof=CN=Utilisateurs du domaine,CN=Users,DC=eec31,DC=local)(primaryGroupID=513))(|(memberof=CN=nextcloudusers,CN=Users,DC=eec31,DC=local)(primaryGroupID=1219))))\",[\"\"],0,-1]","userAgent":"--","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"tCrTGLVbSwYVYftAWUiq","level":0,"time":"2024-01-25T19:50:02+01:00","remoteAddr":"","user":"--","app":"user_ldap","method":"","url":"--","message":"Calling LDAP function ldap_count_entries with parameters [{},{}]","userAgent":"--","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"tCrTGLVbSwYVYftAWUiq","level":0,"time":"2024-01-25T19:50:02+01:00","remoteAddr":"","user":"--","app":"user_ldap","method":"","url":"--","message":"readAttribute: cn=maud philippon,ou=utilisateurs,dc=eec31,dc=local found","userAgent":"--","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"tCrTGLVbSwYVYftAWUiq","level":0,"time":"2024-01-25T19:50:02+01:00","remoteAddr":"","user":"--","app":"user_ldap","method":"","url":"--","message":"Calling LDAP function ldap_read with parameters [{},\"cn=maud philippon,ou=utilisateurs,dc=eec31,dc=local\",\"objectClass=*\",[\"displayname\"],0,-1]","userAgent":"--","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"tCrTGLVbSwYVYftAWUiq","level":0,"time":"2024-01-25T19:50:02+01:00","remoteAddr":"","user":"--","app":"user_ldap","method":"","url":"--","message":"Calling LDAP function ldap_first_entry with parameters [{},{}]","userAgent":"--","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"tCrTGLVbSwYVYftAWUiq","level":0,"time":"2024-01-25T19:50:02+01:00","remoteAddr":"","user":"--","app":"user_ldap","method":"","url":"--","message":"Calling LDAP function ldap_get_attributes with parameters [{},{}]","userAgent":"--","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"tCrTGLVbSwYVYftAWUiq","level":0,"time":"2024-01-25T19:50:02+01:00","remoteAddr":"","user":"--","app":"user_ldap","method":"","url":"--","message":"Calling LDAP function ldap_unbind with parameters [{}]","userAgent":"--","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"gw2Cj2wG18nytoGnjajp","level":0,"time":"2024-01-25T19:58:39+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"GET","url":"/s/Pc33Yiwzi9G7Czc","message":"Calling LDAP function ldap_explode_dn with parameters [\"Pc33Yiwzi9G7Czc\",0]","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"gw2Cj2wG18nytoGnjajp","level":0,"time":"2024-01-25T19:58:39+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"GET","url":"/s/Pc33Yiwzi9G7Czc","message":"No DN found for Pc33Yiwzi9G7Czc on ldap://addc1-2k19.eec31.local","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"gw2Cj2wG18nytoGnjajp","level":0,"time":"2024-01-25T19:58:39+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"GET","url":"/s/Pc33Yiwzi9G7Czc","message":"Calling LDAP function ldap_explode_dn with parameters [\"Pc33Yiwzi9G7Czc\",0]","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}
{"reqId":"gw2Cj2wG18nytoGnjajp","level":0,"time":"2024-01-25T19:58:39+01:00","remoteAddr":"192.168.1.1","user":"sam","app":"user_ldap","method":"GET","url":"/s/Pc33Yiwzi9G7Czc","message":"No DN found for Pc33Yiwzi9G7Czc on ldap://srvdc.eec31.local","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0","version":"27.1.3.2","data":{"app":"user_ldap"}}

PASTE HERE

BlueBee · January 26, 2024, 1:59am

HI,

Can you describe what you actually changed on your domain?

AxelTwin1 · January 26, 2024, 4:35pm

Hi,
thanks for your reply.
Long story short (as much as I can),
I had 1 linux samba DC that was also file server to whom nextcloud sharing links were pointing.
this dc was stuck at domain functional level 2K8R2.
I transfered the fsmo roles to a windows 2K8R2 DC, demoted that linux DC, entered a server 2K12R2 DC, transfered the fsmo roles from windows 2k8R2 DC to that 2K12R2 DC, demoted the 2k8R2 DC entered a 2K19 DC raised the domain function level to 2K12R2 entered a second 2K19 DC which I named the same as the old samba DC with same IP (I cleand up all metadata and dns stuff before)
I moved all the files from the old linux DC to that 2K19 DC
I then removed the 2K12R2 DC and made my nextcloud point to that server.
I named 2K19DC that is hosting the files the same as the original one so I don’t lose the links…was supposed to…

I guess there is a mismatch with uid in the user database / shares and UID on actual users, or something like that.

AxelTwin1 · January 27, 2024, 1:15pm

I checked and no mismatch between users uid in NC database and uid in windows AD. Windows AD is running fine and NC is able to reach ldap. all light are green at user_ldap config test but users can’t authenticate with their AD user.
It seems that NC is not able to retrieve users, even thought when testing user_ldap config NC is giving the right number of users and groups. I guess there is a config in user_ldap that need to be set but can’t figure out wich one.

Any help would be appreciated

BlueBee · January 28, 2024, 4:58am

Maybe checked already, but could it be related to the firewall setting on the AD Server?

AxelTwin1 · January 28, 2024, 12:00pm

I think this is a kind of bug that appeared in NC 27.0 and still going on with 28.0
There is a few people with the same issue since NC27.0
Since I raised my domain functional level from 2K8 to 2K12 that issue appeard.
Tried to setup a new nextcloud from scratch, connected the user_ldap to my AD and same behaviour.
All light are green, user_ldap can find AD users but they are unable to login.
here is the error:
"LDAP Login: Could not get user object for DN cn=administrateur,cn=users,dc=domain,dc=tld. Maybe the LDAP entry has no set display name attribute?"
I tried with a 2K8 server and I get no errors, everything is working
Don’t know where tosearch but it is very anoying, this server is in production.