LDAP login and external storage

Hello!! I have another question!

This is my environment:

  • Nextcloud 17.0.1 server [Linux machine]
  • Windows Server 2019 Domain Controller
  • Windows Server 2019 with shared folder

I configured LDAP in Nextcloud and it works fine. I’m accessing Nextcloud with my domain users, using the “sAMAccountName” and “userPrincipalName” domain user attributes.

I have configured the Windows shared folder in Nextcloud as an “external storage” with the SMB/CIFS protocol in the user domain session, using the “Login credentials, save in session” option.

This is the question:

If I log in to Nextcloud with the sAMAccountName attribute ({DOMAIN}{User}), the external storage loads correctly and works fine.

If I log in to Nextcloud with the userPrincipalName attribute (mail format: user@domain), the external storage cannot load correctly.

Is it possible to make any adjustments to make it work?

Currently users access the Nextcloud service using the value of their mail / userPrincipalName attribute, as they do today with almost all internet services.

It’s a shame not to be able to use external storage with automatic load with this account login format. But being ldap users …

Thanks for any comments about it.

Best regards!
Fran.

Hi, I have the same problem.
Has nobody resolved it?

Thanks

Max

Unfortunately no one has responded.

Hi!

I had the same problem and figured it out.
The problem is your UPN isn’t saved into the session while logging in.

First you go to Settings -> External storages and choose as authentication method “Log-in credentials, save in database”.
I tried “save in session” but “save in database” is the only setting that works.

Next edit this file on your Nextcloud server:
/var/www/nextcloud/apps/files_external/lib/Lib/Auth/Password/LoginCredentials.php

Change: $storage->setBackendOption('user',$credentials['user']);
To: $storage->setBackendOption('user', $uid);

Then go to: Settings -> LDAP / AD integration -> Expert
At “Internal Username Attribute:” enter sAMAccountName

The sAMAccountName will be put into the $uid variable you declared before.

Restart the webserver:
sudo service apache2 restart

And there you go!

Cheers,

Alwin
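
The file edit from the steps above, as an added shell example that is not part of the original post or of Nextcloud: it makes the one-line change only when the expected line is present, keeps a `.orig` copy, and is safe to re-run, which matters because the edit lives in a shipped app file that a Nextcloud upgrade replaces. The function names are hypothetical and the file path is passed as an argument.

```shell
#!/bin/sh
# Added example (not Nextcloud tooling). Function names are hypothetical.
# Quoted heredocs keep the shell from expanding "$" in the PHP text; the
# patterns are basic regular expressions built from the two lines in the post.
OLD_RE=$(cat <<'EOF'
setBackendOption('user',[[:space:]]*\$credentials\['user'])
EOF
)
NEW_RE=$(cat <<'EOF'
setBackendOption('user',[[:space:]]*\$uid)
EOF
)
NEW_TEXT=$(cat <<'EOF'
setBackendOption('user', $uid)
EOF
)

# patch_state FILE: prints patched, unpatched or unknown.
patch_state() {
    if grep -q -- "$NEW_RE" "$1"; then
        echo patched
    elif grep -q -- "$OLD_RE" "$1"; then
        echo unpatched
    else
        echo unknown   # upstream code changed; do not guess
    fi
}

# apply_patch FILE: returns 0 when the edit is in place, 2 when refused.
apply_patch() {
    case $(patch_state "$1") in
        patched) return 0 ;;
        unknown) echo "refusing: expected line not found in $1" >&2; return 2 ;;
    esac
    cp -p -- "$1" "$1.orig" || return 1          # keep the shipped version
    # Write through the existing file so owner and mode stay unchanged.
    sed "s/$OLD_RE/$NEW_TEXT/" "$1.orig" > "$1" || return 1
    [ "$(patch_state "$1")" = patched ]
}

# Usage: sh this-script.sh /path/to/LoginCredentials.php
if [ "$#" -gt 0 ]; then
    apply_patch "$1"
fi
```

A return code of 2 means the line from the post was not found, so the file should be reviewed by hand rather than edited blindly.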