LDAPS infinite loop with AADDS

Nextcloud version: 12.0.4
Operating system and version: Debian GNU/Linux 9 (stretch)
NGINX version: 1.12.2
PHP version: PHP 7.0.19-1

I had Nextcloud running with LDAP on our own ApacheDS instance and it was working fine. We moved to Azure AD and therefore tried to set up LDAPS.

I removed the existing LDAP configuration and created a new one. Logging in works fine, but opening the users overview keeps loading until it times out at +/- 3 minutes.

This command also keeps loading for about 3 minutes and then gives a “segmentation error”:

root@nextcloud:/opt/nextcloud# sudo -u www-data php ./occ ldap:search "davy"

Davy is a user that is for sure present in our directory.

When issuing that command, I ran an ngrep in parallel:

root@nextcloud:~# ngrep -d any -q host OUR_LDAPS_IP

And I see it keeps sending data back and forth until the Segmentation fault occurs. Since it’s LDAPS, however, I cannot see it; my attempts to do ssldumps on it were unsuccessful (I do have the private key, however).


$CONFIG = array (
  'instanceid' => '***REDACTED***',
  'passwordsalt' => '***REDACTED***+nBc9fW+Iv',
  'secret' => '***REDACTED***+U1gv8/oWnt/KB5qwgXGyB4CUXsnmtwLLd4+',
  'trusted_proxies' =>
  array (
    0 => '***REDACTED***',
  ),
  'overwritehost' => '***REDACTED***',
  'overwriteprotocol' => 'https',
  'trusted_domains' =>
  array (
    0 => '***REDACTED***',
  ),
  'datadirectory' => '/var/nextcloud_data',
  'overwrite.cli.url' => '***REDACTED***',
  'dbtype' => 'mysql',
  'version' => '',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nextcloud',
  'dbpassword' => '***REDACTED***',
  'installed' => true,
  'log_type' => 'file',
  'logfile' => '/var/log/nextcloud/nextcloud.log',
  'loglevel' => 2,
  'ldapIgnoreNamingRules' => false,
  'ldapProviderFactory' => '\\OCA\\User_LDAP\\LDAPProviderFactory',
  'mail_smtpmode' => 'smtp',
  'mail_smtpauthtype' => 'LOGIN',
  'mail_from_address' => 'nextcloud',
  'mail_domain' => '***REDACTED***',
  'mail_smtphost' => '***REDACTED***',
  'mail_smtpport' => '25',
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'redis' =>
  array (
    'host' => 'localhost',
    'port' => 6379,
  ),
  'cron_log' => true,
  'maintenance' => false,
  'theme' => '',
  'mail_smtpsecure' => 'tls',
);

What can I do to debug this and/or resolve this?

I figured it out. The issue was not related to AADDS but to remains of the old LDAP server.

I cleared the oc_preferences and oc_storage tables (after making a backup of all files of course!) and everything works fine!