Multiple LDAP configs, failover and local users not working

yakamoneye · January 9, 2023, 10:34am

Nextcloud version (eg, 20.0.5): 24.0.8
Operating system and version (eg, Ubuntu 20.04): Ubuntu 20.04
Apache or nginx version (eg, Apache 2.4.25): Apache 2.4.41
PHP version (eg, 7.4): 7.4

Hey everyone,

we have multiple ldap configurations pointing to our Domain Controllers. Let’s say Ldap config s01 is pointing to DC1, s02 is pointing to DC2, s03 is pointing to DC3.

Now we demoted and removed DC1 from the system, and Nextcloud stopped working completly. I could not even login with local users - error message was “LDAP server not found”. After I deleted s01 with occ, I could access the system like before.

Is there a setting to force Nextcloud to use another configuration if the first one tried is not working? And why are local users not working when LDAP fails? I thought we can use one local admin account as fallback if remote authentication fails, but we got the same error message in the log when we tried to use the local user.

Thanks for any insight and help!

Regards,

Tobias

maxxer · March 1, 2023, 10:12am

I’ve had the similar problem recently, and wasn’t able to figure out a solution. So I came here to ask for help, and I found this and other threads about the same problem.

I haven’t found an open issue on GH, did you?

yakamoneye · March 13, 2023, 11:00am

No, I did not found anything about it until now. I need to remove the next DC next week, I could just try if it maybe is solved in the newest versions.

But I am glad that I am not the only one who has this problem…

maxxer · March 13, 2023, 12:52pm

I managed to work with fallback AD auth by using the Advanced tab, instead of configuring multiple backends:

mirko1 · April 9, 2024, 3:46pm

Thanks for sharing this! Does anyone know, if we will run into trouble, if we delete the second ldap config (which I configured before I found your post )
I configured the same LDAP via a second provider.