NC cannot connect to LDAP server

Nextcloud version: 21.0.2.1
Operating system and version: Ubuntu 20.04

The issue you are facing:

I cannot log in using the web Interface. I can see the login page, but when I provide my user credentials, I receive an internal server error.

From checking the nextcloud.log file, it seems that it cannot connect to my LDAP server, which is up, running and accessible. The error message is “Lost connection to LDAP server.”

How can I even find out where Nextcloud attempts to access the LDAP server? Do I have to set a different log level or something?

Is this the first time you’ve seen this error? Yes

Steps to replicate it:

  1. Attempt to login
  2. receive error

The output of your Nextcloud log in Admin > Logging:

Note: I cannot access the admin panel or anything on the web interface since I cannot log in.

I have replaced mentioning of my domain by “www.example.org” and of my username by “<Username>”.

{
   "reqId":"1RJRtXbXFOxLMGh2cLud",
   "level":3,
   "time":"2021-09-07T21:10:31+00:00",
   "remoteAddr":"79.202.98.35",
   "user":"--",
   "app":"no app in context",
   "method":"POST",
   "url":"/login",
   "message":{
      "Exception":"OC\\ServerNotAvailableException",
      "Message":"Lost connection to LDAP server.",
      "Code":0,
      "Trace":[
         {
            "file":"/var/www/html/apps/user_ldap/lib/LDAP.php",
            "line":421,
            "function":"processLDAPError",
            "class":"OCA\\User_LDAP\\LDAP",
            "type":"->",
            "args":[
               "*** sensitive parameter replaced ***"
            ]
         },
         {
            "file":"/var/www/html/apps/user_ldap/lib/LDAP.php",
            "line":344,
            "function":"postFunctionCall",
            "class":"OCA\\User_LDAP\\LDAP",
            "type":"->",
            "args":[
               
            ]
         },
         {
            "file":"/var/www/html/apps/user_ldap/lib/LDAP.php",
            "line":64,
            "function":"invokeLDAPMethod",
            "class":"OCA\\User_LDAP\\LDAP",
            "type":"->",
            "args":[
               "*** sensitive parameters replaced ***"
            ]
         },
         {
            "file":"/var/www/html/apps/user_ldap/lib/Connection.php",
            "line":664,
            "function":"bind",
            "class":"OCA\\User_LDAP\\LDAP",
            "type":"->",
            "args":[
               "*** sensitive parameters replaced ***"
            ]
         },
         {
            "file":"/var/www/html/apps/user_ldap/lib/Connection.php",
            "line":578,
            "function":"bind",
            "class":"OCA\\User_LDAP\\Connection",
            "type":"->",
            "args":[
               "*** sensitive parameters replaced ***"
            ]
         },
         {
            "file":"/var/www/html/apps/user_ldap/lib/Connection.php",
            "line":198,
            "function":"establishConnection",
            "class":"OCA\\User_LDAP\\Connection",
            "type":"->",
            "args":[
               
            ]
         },
         {
            "file":"/var/www/html/apps/user_ldap/lib/Connection.php",
            "line":206,
            "function":"init",
            "class":"OCA\\User_LDAP\\Connection",
            "type":"->",
            "args":[
               
            ]
         },
         {
            "file":"/var/www/html/apps/user_ldap/lib/Access.php",
            "line":1145,
            "function":"getConnectionResource",
            "class":"OCA\\User_LDAP\\Connection",
            "type":"->",
            "args":[
               
            ]
         },
         {
            "file":"/var/www/html/apps/user_ldap/lib/Access.php",
            "line":1333,
            "function":"executeSearch",
            "class":"OCA\\User_LDAP\\Access",
            "type":"->",
            "args":[
               "(&(|(objectclass=sambaSamAccount))(uid=<Username>))",
               "dc=www,dc=example,dc=org",
               [
                  "entryuuid",
                  "nsuniqueid",
                  "objectguid",
                  "guid",
                  "ipauniqueid",
                  "And 9 more entries, set log level to debug to see all entries"
               ],
               500,
               "*** sensitive parameter replaced ***"
            ]
         },
         {
            "file":"/var/www/html/apps/user_ldap/lib/Access.php",
            "line":996,
            "function":"search",
            "class":"OCA\\User_LDAP\\Access",
            "type":"->",
            "args":[
               "(&(|(objectclass=sambaSamAccount))(uid=<Username>))",
               "dc=www,dc=example,dc=org",
               [
                  "entryuuid",
                  "nsuniqueid",
                  "objectguid",
                  "guid",
                  "ipauniqueid",
                  "And 9 more entries, set log level to debug to see all entries"
               ],
               "*** sensitive parameter replaced ***",
               "*** sensitive parameter replaced ***"
            ]
         },
         {
            "file":"/var/www/html/apps/user_ldap/lib/Access.php",
            "line":880,
            "function":"searchUsers",
            "class":"OCA\\User_LDAP\\Access",
            "type":"->",
            "args":[
               "(&(|(objectclass=sambaSamAccount))(uid=<Username>))",
               [
                  "entryuuid",
                  "nsuniqueid",
                  "objectguid",
                  "guid",
                  "ipauniqueid",
                  "And 9 more entries, set log level to debug to see all entries"
               ],
               "*** sensitive parameter replaced ***",
               "*** sensitive parameter replaced ***"
            ]
         },
         {
            "file":"/var/www/html/apps/user_ldap/lib/Access.php",
            "line":860,
            "function":"fetchListOfUsers",
            "class":"OCA\\User_LDAP\\Access",
            "type":"->",
            "args":[
               "(&(|(objectclass=sambaSamAccount))(uid=<Username>))",
               [
                  "entryuuid",
                  "nsuniqueid",
                  "objectguid",
                  "guid",
                  "ipauniqueid",
                  "And 9 more entries, set log level to debug to see all entries"
               ]
            ]
         },
         {
            "file":"/var/www/html/apps/user_ldap/lib/User_LDAP.php",
            "line":157,
            "function":"fetchUsersByLoginName",
            "class":"OCA\\User_LDAP\\Access",
            "type":"->",
            "args":[
               "*** sensitive parameter replaced ***",
               [
                  "entryuuid",
                  "nsuniqueid",
                  "objectguid",
                  "guid",
                  "ipauniqueid",
                  "And 9 more entries, set log level to debug to see all entries"
               ]
            ]
         },
         {
            "file":"/var/www/html/apps/user_ldap/lib/User_LDAP.php",
            "line":120,
            "function":"getLDAPUserByLoginName",
            "class":"OCA\\User_LDAP\\User_LDAP",
            "type":"->",
            "args":[
               "*** sensitive parameter replaced ***"
            ]
         },
         {
            "function":"loginName2UserName",
            "class":"OCA\\User_LDAP\\User_LDAP",
            "type":"->",
            "args":[
               "*** sensitive parameters replaced ***"
            ]
         },
         {
            "file":"/var/www/html/apps/user_ldap/lib/User_Proxy.php",
            "line":82,
            "function":"call_user_func_array",
            "args":[
               [
                  {
                     "__class__":"OCA\\User_LDAP\\User_LDAP"
                  },
                  "loginName2UserName"
               ],
               [
                  "*** sensitive parameter replaced ***"
               ]
            ]
         },
         {
            "file":"/var/www/html/apps/user_ldap/lib/Proxy.php",
            "line":169,
            "function":"walkBackends",
            "class":"OCA\\User_LDAP\\User_Proxy",
            "type":"->",
            "args":[
               "LOGINNAME,<Username>",
               "loginName2UserName",
               [
                  "*** sensitive parameter replaced ***"
               ]
            ]
         },
         {
            "file":"/var/www/html/apps/user_ldap/lib/User_Proxy.php",
            "line":236,
            "function":"handleRequest",
            "class":"OCA\\User_LDAP\\Proxy",
            "type":"->",
            "args":[
               "LOGINNAME,<Username>",
               "loginName2UserName",
               [
                  "*** sensitive parameter replaced ***"
               ]
            ]
         },
         {
            "file":"/var/www/html/apps/user_ldap/lib/Helper.php",
            "line":288,
            "function":"loginName2UserName",
            "class":"OCA\\User_LDAP\\User_Proxy",
            "type":"->",
            "args":[
               "*** sensitive parameters replaced ***"
            ]
         },
         {
            "file":"/var/www/html/lib/private/legacy/OC_Hook.php",
            "line":110,
            "function":"loginName2UserName",
            "class":"OCA\\User_LDAP\\Helper",
            "type":"::",
            "args":[
               "*** sensitive parameters replaced ***"
            ]
         },
         {
            "file":"/var/www/html/lib/public/Util.php",
            "line":358,
            "function":"emit",
            "class":"OC_Hook",
            "type":"::",
            "args":[
               "\\OCA\\Files_Sharing\\API\\Server2Server",
               "preLoginNameUsedAsUserName",
               "*** sensitive parameter replaced ***"
            ]
         },
         {
            "file":"/var/www/html/apps/password_policy/lib/ComplianceService.php",
            "line":91,
            "function":"emitHook",
            "class":"OCP\\Util",
            "type":"::",
            "args":[
               "\\OCA\\Files_Sharing\\API\\Server2Server",
               "preLoginNameUsedAsUserName",
               "*** sensitive parameter replaced ***"
            ]
         },
         {
            "file":"/var/www/html/apps/password_policy/lib/Listener/BeforeUserLoggedInEventListener.php",
            "line":44,
            "function":"entryControl",
            "class":"OCA\\Password_Policy\\ComplianceService",
            "type":"->",
            "args":[
               "*** sensitive parameter replaced ***",
               "*** sensitive parameter replaced ***"
            ]
         },
         {
            "file":"/var/www/html/lib/private/EventDispatcher/ServiceEventListener.php",
            "line":76,
            "function":"handle",
            "class":"OCA\\Password_Policy\\Listener\\BeforeUserLoggedInEventListener",
            "type":"->",
            "args":[
               {
                  "__class__":"OCP\\User\\Events\\BeforeUserLoggedInEvent"
               }
            ]
         },
         {
            "file":"/var/www/html/3rdparty/symfony/event-dispatcher/EventDispatcher.php",
            "line":251,
            "function":"__invoke",
            "class":"OC\\EventDispatcher\\ServiceEventListener",
            "type":"->",
            "args":[
               {
                  "__class__":"OCP\\User\\Events\\BeforeUserLoggedInEvent"
               },
               "OCP\\User\\Events\\BeforeUserLoggedInEvent",
               {
                  "__class__":"Symfony\\Component\\EventDispatcher\\EventDispatcher"
               }
            ]
         },
         {
            "file":"/var/www/html/3rdparty/symfony/event-dispatcher/EventDispatcher.php",
            "line":73,
            "function":"callListeners",
            "class":"Symfony\\Component\\EventDispatcher\\EventDispatcher",
            "type":"->",
            "args":[
               [
                  {
                     "__class__":"Closure"
                  }
               ],
               "OCP\\User\\Events\\BeforeUserLoggedInEvent",
               {
                  "__class__":"OCP\\User\\Events\\BeforeUserLoggedInEvent"
               }
            ]
         },
         {
            "file":"/var/www/html/lib/private/EventDispatcher/EventDispatcher.php",
            "line":86,
            "function":"dispatch",
            "class":"Symfony\\Component\\EventDispatcher\\EventDispatcher",
            "type":"->",
            "args":[
               {
                  "__class__":"OCP\\User\\Events\\BeforeUserLoggedInEvent"
               },
               "OCP\\User\\Events\\BeforeUserLoggedInEvent"
            ]
         },
         {
            "file":"/var/www/html/lib/private/EventDispatcher/EventDispatcher.php",
            "line":98,
            "function":"dispatch",
            "class":"OC\\EventDispatcher\\EventDispatcher",
            "type":"->",
            "args":[
               "OCP\\User\\Events\\BeforeUserLoggedInEvent",
               {
                  "__class__":"OCP\\User\\Events\\BeforeUserLoggedInEvent"
               }
            ]
         },
         {
            "file":"/var/www/html/lib/private/Server.php",
            "line":577,
            "function":"dispatchTyped",
            "class":"OC\\EventDispatcher\\EventDispatcher",
            "type":"->",
            "args":[
               {
                  "__class__":"OCP\\User\\Events\\BeforeUserLoggedInEvent"
               }
            ]
         },
         {
            "function":"OC\\{closure}",
            "class":"OC\\Server",
            "type":"->",
            "args":[
               "*** sensitive parameters replaced ***"
            ]
         },
         {
            "file":"/var/www/html/lib/private/Hooks/EmitterTrait.php",
            "line":107,
            "function":"call_user_func_array",
            "args":[
               {
                  "__class__":"Closure"
               },
               [
                  "*** sensitive parameter replaced ***",
                  "*** sensitive parameter replaced ***"
               ]
            ]
         },
         {
            "file":"/var/www/html/lib/private/Hooks/PublicEmitter.php",
            "line":41,
            "function":"emit",
            "class":"OC\\Hooks\\BasicEmitter",
            "type":"->",
            "args":[
               "\\OC\\User",
               "preLogin",
               [
                  "*** sensitive parameter replaced ***",
                  "*** sensitive parameter replaced ***"
               ]
            ]
         },
         {
            "file":"/var/www/html/lib/private/Authentication/Login/PreLoginHookCommand.php",
            "line":48,
            "function":"emit",
            "class":"OC\\Hooks\\PublicEmitter",
            "type":"->",
            "args":[
               "\\OC\\User",
               "preLogin",
               [
                  "*** sensitive parameter replaced ***",
                  "*** sensitive parameter replaced ***"
               ]
            ]
         },
         {
            "file":"/var/www/html/lib/private/Authentication/Login/Chain.php",
            "line":108,
            "function":"process",
            "class":"OC\\Authentication\\Login\\PreLoginHookCommand",
            "type":"->",
            "args":[
               {
                  "__class__":"OC\\Authentication\\Login\\LoginData"
               }
            ]
         },
         {
            "file":"/var/www/html/core/Controller/LoginController.php",
            "line":310,
            "function":"process",
            "class":"OC\\Authentication\\Login\\Chain",
            "type":"->",
            "args":[
               {
                  "__class__":"OC\\Authentication\\Login\\LoginData"
               }
            ]
         },
         {
            "file":"/var/www/html/lib/private/AppFramework/Http/Dispatcher.php",
            "line":218,
            "function":"tryLogin",
            "class":"OC\\Core\\Controller\\LoginController",
            "type":"->",
            "args":[
               "*** sensitive parameters replaced ***"
            ]
         },
         {
            "file":"/var/www/html/lib/private/AppFramework/Http/Dispatcher.php",
            "line":127,
            "function":"executeController",
            "class":"OC\\AppFramework\\Http\\Dispatcher",
            "type":"->",
            "args":[
               {
                  "__class__":"OC\\Core\\Controller\\LoginController"
               },
               "tryLogin"
            ]
         },
         {
            "file":"/var/www/html/lib/private/AppFramework/App.php",
            "line":157,
            "function":"dispatch",
            "class":"OC\\AppFramework\\Http\\Dispatcher",
            "type":"->",
            "args":[
               {
                  "__class__":"OC\\Core\\Controller\\LoginController"
               },
               "tryLogin"
            ]
         },
         {
            "file":"/var/www/html/lib/private/Route/Router.php",
            "line":302,
            "function":"main",
            "class":"OC\\AppFramework\\App",
            "type":"::",
            "args":[
               "OC\\Core\\Controller\\LoginController",
               "tryLogin",
               {
                  "__class__":"OC\\AppFramework\\DependencyInjection\\DIContainer"
               },
               {
                  "_route":"core.login.tryLogin"
               }
            ]
         },
         {
            "file":"/var/www/html/lib/base.php",
            "line":993,
            "function":"match",
            "class":"OC\\Route\\Router",
            "type":"->",
            "args":[
               "/login"
            ]
         },
         {
            "file":"/var/www/html/index.php",
            "line":37,
            "function":"handleRequest",
            "class":"OC",
            "type":"::",
            "args":[
               
            ]
         }
      ],
      "File":"/var/www/html/apps/user_ldap/lib/LDAP.php",
      "Line":382,
      "CustomMessage":"--"
   },
   "userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0",
   "version":"21.0.2.1"
}

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

<?php
$CONFIG = array (
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'apps_paths' =>
  array (
    0 =>
    array (
      'path' => '/var/www/html/apps',
      'url' => '/apps',
      'writable' => false,
    ),
    1 =>
    array (
      'path' => '/var/www/html/custom_apps',
      'url' => '/custom_apps',
      'writable' => true,
    ),
  ),
  'memcache.distributed' => '\\OC\\Memcache\\Redis',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'redis' =>
  array (
    'host' => 'redis',
    'password' => '',
    'port' => 6379,
  ),
  'mail_smtpmode' => 'smtp',
  'mail_smtphost' => 'smtp',
  'mail_smtpport' => '25',
  'mail_from_address' => 'cloud',
  'mail_smtpdebug' => true,
  'passwordsalt' => '*** censored ***',
  'secret' => '*** censored ***',
  'trusted_domains' =>
  array (
    0 => 'localhost',
    1 => 'www.example.org',
  ),
  'datadirectory' => '/srv/cloud',
  'dbtype' => 'mysql',
  'version' => '21.0.2.1',
  'overwrite.cli.url' => 'http://localhost',
  'dbname' => 'cloud',
  'dbhost' => 'mariadb',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'cloud',
  'dbpassword' => '*** censored ***',
  'installed' => true,
  'instanceid' => '*** censored ***',
  'ldapIgnoreNamingRules' => false,
  'ldapProviderFactory' => 'OCA\\User_LDAP\\LDAPProviderFactory',
  'mail_sendmailmode' => 'smtp',
  'mail_domain' => 'example.org',
  'mail_smtpsecure' => '',
  'mail_smtpauthtype' => 'LOGIN',
  'maintenance' => false,
  'updater.secret' => '*** censored ***',
  'loglevel' => 2,
  'theme' => '',
  'mail_smtpauth' => false,
  'mail_smtpname' => '*** censored ***',
  'mail_smtppassword' => '*** censored ***',
);

Same problem here on 22.1.1.
Was working well on 21.0.3.

Already reported.
Github - Nextcloud issue 1572

You need to install libldap-common package.

apt install libldap-common