LDAPS does not work properly, but ldapsearch and ldap:test-config do

System

Nextcloud version (eg, 20.0.5): 25.0.13
Operating system and version (eg, Ubuntu 20.04): Debian GNU/Linux 10 (buster)
Apache or nginx version (eg, Apache 2.4.25): Apache/2.4.38
PHP version (eg, 7.4): 7.4.33

The issue you are facing:

The supplied information for the LDAPS server sometimes works (is green and returns the correct number of elements in the base DN) and then does not work for several minutes to hours.
Error: Lost connection to LDAP server. (and see below).

Raw ldapsearch works, even when nextcloud-LDAP does not work.

```
php occ ldap:test-config 'the-config-number'
```

works and returns `The configuration is valid and the connection could be established!`, without intermittent issues.

The Root CA is correctly imported, openssl s_client works without intermittent issue.

The logs on my LDAP server show (on a failed request from Nextcloud):

```
ACCEPT from IP=x.x.x.x:58726 (IP=0.0.0.0:7636)
conn=10145 fd=13 TLS established tls_ssf=256 ssf=256
conn=10145 fd=13 closed (connection lost)
```

The LDAP server logs on a successful request are as expected.

Logs in nextcloud (with level=0) show only the (correct) LDAP filters, but no information about the connection.

Does anyone have suggestions for further debugging this issue?

Additional Info

Is this the first time you’ve seen this error? Y

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

```php
<?php
$CONFIG = array (
  'instanceid' => 'xxxxx',
  'passwordsalt' => 'xxxxx',
  'secret' => 'xxxxx',
  'trusted_domains' =>
  array (
    0 => 'xxxxxxx',
  ),
  'trusted_proxies' =>
  array (
    0 => 'xxxxxx',
    1 => 'xxxxxx',
  ),
  'datadirectory' => '/data/data',
  'dbtype' => 'mysql',
  'version' => '25.0.13.2',
  'overwrite.cli.url' => 'xxxxxx',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'nextcloud',
  'dbpassword' => 'xxxxxx',
  'installed' => true,
  'maintenance' => false,
  'loglevel' => 2,
  'ldapIgnoreNamingRules' => false,
  'ldapProviderFactory' => 'OCA\\User_LDAP\\LDAPProviderFactory',
  'mysql.utf8mb4' => true,
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'redis' =>
  array (
    'host' => '/var/run/redis/redis.sock',
    'port' => 0,
    'dbindex' => 0,
    'password' => 'xxxxx',
    'timeout' => 1.5,
  ),
  'default_phone_region' => 'DE',
  'log_type' => 'file',
  'logfile' => '/var/log/nextcloud/nextcloud.log',
  'log_query' => false,
  'syslog_tag' => 'Nextcloud',
  'logdateformat' => 'F d, Y H:i:s',
  'log_rotate_size' => true,
);
```