[/details]
Nextcloud version: 13.0.2
Operating system and version: Centos 7
Apache or nginx version: Apache 2.4.6
PHP version: 7.1.17
The issue you are facing:
The connection with the LDAP is dropping several times…
Is this the first time you’ve seen this error? No
Steps to replicate it:
- Accessing the login page
The output of your Nextcloud log in Admin > Logging:
Error remote OC\ServerNotAvailableException: Lost connection to LDAP server.
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/LDAP.php - line 371: OCA\User_LDAP\LDAP->processLDAPError(Resource id #13)
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/LDAP.php - line 295: OCA\User_LDAP\LDAP->postFunctionCall()
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/LDAP.php - line 46: OCA\User_LDAP\LDAP->invokeLDAPMethod(*** sensitive parameters replaced ***)
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/Connection.php - line 641: OCA\User_LDAP\LDAP->bind(*** sensitive parameters replaced ***)
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/Connection.php - line 568: OCA\User_LDAP\Connection->bind(*** sensitive parameters replaced ***)
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/Connection.php - line 181: OCA\User_LDAP\Connection->establishConnection()
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/Connection.php - line 189: OCA\User_LDAP\Connection->init()
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/Access.php - line 1058: OCA\User_LDAP\Connection->getConnectionResource()
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/Access.php - line 1224: OCA\User_LDAP\Access->executeSearch('(|(sAMAccountNa...', Array, Array, 500, NULL)
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/Access.php - line 939: OCA\User_LDAP\Access->search('(|(sAMAccountNa...', Array, Array, NULL, NULL)
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/Access.php - line 843: OCA\User_LDAP\Access->searchUsers('(|(sAMAccountNa...', Array, NULL, NULL)
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/Access.php - line 816: OCA\User_LDAP\Access->fetchListOfUsers('(|(sAMAccountNa...', Array)
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/User_LDAP.php - line 165: OCA\User_LDAP\Access->fetchUsersByLoginName('marlon.markendo...', Array)
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/User_LDAP.php - line 182: OCA\User_LDAP\User_LDAP->getLDAPUserByLoginName('marlon.markendo...')
[internal function] OCA\User_LDAP\User_LDAP->checkPassword(*** sensitive parameters replaced ***)
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/User_Proxy.php - line 108: call_user_func_array(Array, Array)
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/Proxy.php - line 150: OCA\User_LDAP\User_Proxy->callOnLastSeenOn('marlon.markendo...', 'checkPassword', Array, false)
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/User_Proxy.php - line 196: OCA\User_LDAP\Proxy->handleRequest('marlon.markendo...', 'checkPassword', Array)
/var/www/html/graficaibiruba.com.br/nuvem/lib/private/User/Manager.php - line 204: OCA\User_LDAP\User_Proxy->checkPassword(*** sensitive parameters replaced ***)
/var/www/html/graficaibiruba.com.br/nuvem/lib/private/User/Manager.php - line 181: OC\User\Manager->checkPasswordNoLogging(*** sensitive parameters replaced ***)
/var/www/html/graficaibiruba.com.br/nuvem/lib/private/User/Session.php - line 693: OC\User\Manager->checkPassword(*** sensitive parameters replaced ***)
/var/www/html/graficaibiruba.com.br/nuvem/lib/private/User/Session.php - line 727: OC\User\Session->checkTokenCredentials(Object(OC\Authentication\Token\DefaultToken), '32tvnsc7icdbjd0...')
/var/www/html/graficaibiruba.com.br/nuvem/lib/private/User/Session.php - line 257: OC\User\Session->validateToken(*** sensitive parameters replaced ***)
/var/www/html/graficaibiruba.com.br/nuvem/lib/private/User/Session.php - line 232: OC\User\Session->validateSession()
/var/www/html/graficaibiruba.com.br/nuvem/lib/private/legacy/app.php - line 336: OC\User\Session->getUser()
/var/www/html/graficaibiruba.com.br/nuvem/lib/private/legacy/app.php - line 113: OC_App getEnabledApps()
/var/www/html/graficaibiruba.com.br/nuvem/remote.php - line 149: OC_App loadApps(Array)
{main}
Error index OC\ServerNotAvailableException: Lost connection to LDAP server.
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/LDAP.php - line 371: OCA\User_LDAP\LDAP->processLDAPError(Resource id #13)
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/LDAP.php - line 295: OCA\User_LDAP\LDAP->postFunctionCall()
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/LDAP.php - line 46: OCA\User_LDAP\LDAP->invokeLDAPMethod(*** sensitive parameters replaced )
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/Connection.php - line 641: OCA\User_LDAP\LDAP->bind( sensitive parameters replaced )
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/Connection.php - line 568: OCA\User_LDAP\Connection->bind( sensitive parameters replaced )
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/Connection.php - line 181: OCA\User_LDAP\Connection->establishConnection()
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/Connection.php - line 189: OCA\User_LDAP\Connection->init()
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/Access.php - line 1058: OCA\User_LDAP\Connection->getConnectionResource()
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/Access.php - line 1224: OCA\User_LDAP\Access->executeSearch(’(|(sAMAccountNa…’, Array, Array, 500, NULL)
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/Access.php - line 939: OCA\User_LDAP\Access->search(’(|(sAMAccountNa…’, Array, Array, NULL, NULL)
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/Access.php - line 843: OCA\User_LDAP\Access->searchUsers(’(|(sAMAccountNa…’, Array, NULL, NULL)
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/Access.php - line 816: OCA\User_LDAP\Access->fetchListOfUsers(’(|(sAMAccountNa…’, Array)
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/User_LDAP.php - line 165: OCA\User_LDAP\Access->fetchUsersByLoginName(‘marlon.markendo…’, Array)
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/User_LDAP.php - line 182: OCA\User_LDAP\User_LDAP->getLDAPUserByLoginName(‘marlon.markendo…’)
[internal function] OCA\User_LDAP\User_LDAP->checkPassword( sensitive parameters replaced )
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/User_Proxy.php - line 108: call_user_func_array(Array, Array)
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/Proxy.php - line 150: OCA\User_LDAP\User_Proxy->callOnLastSeenOn(‘marlon.markendo…’, ‘checkPassword’, Array, false)
/var/www/html/graficaibiruba.com.br/nuvem/apps/user_ldap/lib/User_Proxy.php - line 196: OCA\User_LDAP\Proxy->handleRequest(‘marlon.markendo…’, ‘checkPassword’, Array)
/var/www/html/graficaibiruba.com.br/nuvem/lib/private/User/Manager.php - line 204: OCA\User_LDAP\User_Proxy->checkPassword( sensitive parameters replaced )
/var/www/html/graficaibiruba.com.br/nuvem/lib/private/User/Manager.php - line 181: OC\User\Manager->checkPasswordNoLogging( sensitive parameters replaced )
/var/www/html/graficaibiruba.com.br/nuvem/lib/private/User/Session.php - line 693: OC\User\Manager->checkPassword( sensitive parameters replaced )
/var/www/html/graficaibiruba.com.br/nuvem/lib/private/User/Session.php - line 727: OC\User\Session->checkTokenCredentials(Object(OC\Authentication\Token\DefaultToken), ‘32tvnsc7icdbjd0…’)
/var/www/html/graficaibiruba.com.br/nuvem/lib/private/User/Session.php - line 257: OC\User\Session->validateToken( sensitive parameters replaced ***)
/var/www/html/graficaibiruba.com.br/nuvem/lib/private/User/Session.php - line 232: OC\User\Session->validateSession()
/var/www/html/graficaibiruba.com.br/nuvem/lib/private/User/Session.php - line 269: OC\User\Session->getUser()
/var/www/html/graficaibiruba.com.br/nuvem/lib/base.php - line 983: OC\User\Session->isLoggedIn()
/var/www/html/graficaibiruba.com.br/nuvem/index.php - line 37: OC handleRequest()
{main}
The output of your config.php file in /path/to/nextcloud
(make sure you remove any identifiable information!):
<?php
$CONFIG = array (
'instanceid' => '*****',
'passwordsalt' => '*****',
'secret' => '********',
'trusted_domains' =>
array (
0 => 'www.graficaibiruba.com.br',
1 => 'graficaibiruba.interno',
),
'datadirectory' => '/var/www/html/graficaibiruba.com.br/nuvem/data',
'overwrite.cli.url' => 'https://www.graficaibiruba.com.br/nuvem',
'dbtype' => 'mysql',
'version' => '13.0.2.1',
'dbname' => 'nextcloud_db',
'dbhost' => 'localhost',
'dbport' => '',
'dbtableprefix' => 'oc_',
'dbuser' => 'nextcloud',
'dbpassword' => '**********',
'installed' => true,
'ldapIgnoreNamingRules' => false,
'ldapProviderFactory' => '\\OCA\\User_LDAP\\LDAPProviderFactory',
'remember_login_cookie_lifetime' => 0,
'session_lifetime' => 300,
'session_keepalive' => 'false',
'lost_password_link' => 'disabled',
'memcache.local' => '\OC\Memcache\APCu',
'memcache.locking' => '\OC\Memcache\Redis',
'redis' => array(
'host' => 'localhost',
'port' => 6379,
),
'log_type' => 'file',
'logfile' => '/var/log/nextcloud.log',
'loglevel' => '0',
'log_rotate_size' => '104857600',
'mail_smtpmode' => 'smtp',
'mail_smtpauthtype' => 'LOGIN',
'mail_smtpsecure' => 'tls',
'mail_from_address' => '*****',
'mail_domain' => 'graficaibiruba.com.br',
'mail_smtpauth' => 1,
'mail_smtphost' => '******',
'mail_smtpport' => '587',
'mail_smtpname' => '******',
'mail_smtppassword' => '*******',
);
~
The output of your Apache/nginx/system log in /var/log/____
:
[Tue May 08 13:53:54.860442 2018] [mpm_prefork:notice] [pid 12772] AH00170: caught SIGWINCH, shutting down gracefully
[Tue May 08 13:54:00.018301 2018] [suexec:notice] [pid 13037] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Tue May 08 13:54:00.020864 2018] [ssl:warn] [pid 13037] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Tue May 08 13:54:00.068445 2018] [auth_digest:notice] [pid 13037] AH01757: generating secret for digest authentication ...
[Tue May 08 13:54:00.069378 2018] [lbmethod_heartbeat:notice] [pid 13037] AH02282: No slotmem from mod_heartmonitor
[Tue May 08 13:54:00.071195 2018] [ssl:warn] [pid 13037] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Tue May 08 13:54:00.159373 2018] [mpm_prefork:notice] [pid 13037] AH00163: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.17 configured -- resuming normal operations
[Tue May 08 13:54:00.159412 2018] [core:notice] [pid 13037] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
[Tue May 08 13:57:46.244162 2018] [mpm_prefork:notice] [pid 13037] AH00170: caught SIGWINCH, shutting down gracefully
[Tue May 08 13:58:06.388089 2018] [suexec:notice] [pid 13170] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Tue May 08 13:58:06.390702 2018] [ssl:warn] [pid 13170] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Tue May 08 13:58:06.430295 2018] [auth_digest:notice] [pid 13170] AH01757: generating secret for digest authentication ...
[Tue May 08 13:58:06.430970 2018] [lbmethod_heartbeat:notice] [pid 13170] AH02282: No slotmem from mod_heartmonitor
[Tue May 08 13:58:06.432249 2018] [ssl:warn] [pid 13170] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Tue May 08 13:58:06.516714 2018] [mpm_prefork:notice] [pid 13170] AH00163: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.17 configured -- resuming normal operations
[Tue May 08 13:58:06.516744 2018] [core:notice] [pid 13170] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
[Tue May 08 14:11:34.975158 2018] [mpm_prefork:notice] [pid 13170] AH00170: caught SIGWINCH, shutting down gracefully
[Tue May 08 14:11:36.119890 2018] [suexec:notice] [pid 13642] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Tue May 08 14:11:36.121208 2018] [ssl:warn] [pid 13642] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Tue May 08 14:11:36.149497 2018] [auth_digest:notice] [pid 13642] AH01757: generating secret for digest authentication ...
[Tue May 08 14:11:36.150074 2018] [lbmethod_heartbeat:notice] [pid 13642] AH02282: No slotmem from mod_heartmonitor
[Tue May 08 14:11:36.151217 2018] [ssl:warn] [pid 13642] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Tue May 08 14:11:36.228723 2018] [mpm_prefork:notice] [pid 13642] AH00163: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.17 configured -- resuming normal operations
[Tue May 08 14:11:36.228752 2018] [core:notice] [pid 13642] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
[Tue May 08 14:25:36.147068 2018] [mpm_prefork:notice] [pid 13642] AH00170: caught SIGWINCH, shutting down gracefully
[Tue May 08 14:25:46.302643 2018] [suexec:notice] [pid 14122] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Tue May 08 14:25:46.305189 2018] [ssl:warn] [pid 14122] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Tue May 08 14:25:46.340443 2018] [auth_digest:notice] [pid 14122] AH01757: generating secret for digest authentication ...
[Tue May 08 14:25:46.341009 2018] [lbmethod_heartbeat:notice] [pid 14122] AH02282: No slotmem from mod_heartmonitor
[Tue May 08 14:25:46.342188 2018] [ssl:warn] [pid 14122] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Tue May 08 14:25:46.419983 2018] [mpm_prefork:notice] [pid 14122] AH00163: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.17 configured -- resuming normal operations
[Tue May 08 14:25:46.420018 2018] [core:notice] [pid 14122] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
LDAP Config:
+-------------------------------+----------------------------------------------------------------------------------------------------+
| Configuration | |
+-------------------------------+----------------------------------------------------------------------------------------------------+
| hasMemberOfFilterSupport | 1 |
| hasPagedResultSupport | |
| homeFolderNamingRule | attr:sAMAccountName |
| lastJpegPhotoLookup | 0 |
| ldapAgentName | CN=Nextcloud Integrator,CN=Users,DC=graficaibiruba,DC=interno |
| ldapAgentPassword | *** |
| ldapAttributesForGroupSearch | |
| ldapAttributesForUserSearch | |
| ldapBackupHost | ldaps://srvad2.graficaibiruba.interno:636 |
| ldapBackupPort | |
| ldapBase | OU=Graficaibiruba,DC=graficaibiruba,DC=interno |
| ldapBaseGroups | |
| ldapBaseUsers | |
| ldapCacheTTL | 600 |
| ldapConfigurationActive | 1 |
| ldapDefaultPPolicyDN | |
| ldapDynamicGroupMemberURL | |
| ldapEmailAttribute | mail |
| ldapExperiencedAdmin | 0 |
| ldapExpertUUIDGroupAttr | sAMAccountName |
| ldapExpertUUIDUserAttr | sAMAccountName |
| ldapExpertUsernameAttr | sAMAccountName |
| ldapGidNumber | gidNumber |
| ldapGroupDisplayName | cn |
| ldapGroupFilter | (&(objectClass=group)(MemberOf=CN=Nuvem,OU=Grupos,OU=GraficaIbiruba,DC=graficaibiruba,DC=interno)) |
| ldapGroupFilterGroups | |
| ldapGroupFilterMode | 1 |
| ldapGroupFilterObjectclass | |
| ldapGroupMemberAssocAttr | member |
| ldapHost | ldaps://srvad1.graficaibiruba.interno:636 |
| ldapIgnoreNamingRules | |
| ldapLoginFilter | (|(sAMAccountName=%uid)(mail=%uid)) |
| ldapLoginFilterAttributes | telephoneNumber |
| ldapLoginFilterEmail | 1 |
| ldapLoginFilterMode | 1 |
| ldapLoginFilterUsername | 1 |
| ldapNestedGroups | 0 |
| ldapOverrideMainServer | 0 |
| ldapPagingSize | 500 |
| ldapPort | 636 |
| ldapQuotaAttribute | |
| ldapQuotaDefault | 2 GB |
| ldapTLS | 0 |
| ldapUserDisplayName | displayname |
| ldapUserDisplayName2 | |
| ldapUserFilter | (&(objectClass=user)(MemberOf=CN=Nuvem,OU=Grupos,OU=GraficaIbiruba,DC=graficaibiruba,DC=interno)) |
| ldapUserFilterGroups | |
| ldapUserFilterMode | 0 |
| ldapUserFilterObjectclass | |
| ldapUuidGroupAttribute | auto |
| ldapUuidUserAttribute | auto |
| turnOffCertCheck | 0 |
| turnOnPasswordChange | 0 |
| useMemberOfToDetectMembership | 1 |
+-------------------------------+----------------------------------------------------------------------------------------------------+