Nextcloud AIO 9.1.0-9.4.1: LDAP/AD connection errors

Hi,

I’m trying to set up the AIO 9.1.0 instance on my VM.
All containers are up and running (healthy, green).

I installed the “LDAP/AD integration” app to be able to connect to a user storage.

When I enter the server address (either IP, hostname or FQDN) and hit the “Detect port” button it fetches the correct port (at least 389).
Afterwards I input my user DN and password, save it and try to detect the base DN, and I always get the following error message:

I am 100% sure that the port, DN and pw are correct (as I’ve tested it again).

Inputting the base DN manually won’t work either. The test fails.
The logs only state:

I haven’t set anything else yet (not possible as it’s greyed out).

So what is the issue here?

Thanks for your help in advance.

/nightmare1942

Can you give us an idea of what you’re entering for the User DN and Base DN fields?

Docs: User authentication with LDAP — Nextcloud latest Administration Manual latest documentation

I am 100% sure that the port, DN and pw are correct (as I’ve tested it again).

You can set your Nextcloud loglevel to 0 (debug) and get more information from the LDAP integration app about what is going on.

Hi,
sorry about the log level. I thought I had already set it to debug.

Here you can see the DN I use (second log entry).
For the Base DN I just tried to use dc=domain,dc=tld which reflects my domain for testing purposes. I will later narrow and filter it if it works.

For now I’m using the IP for connection to LDAP.

Does this help more?

Edit:
In one of the OUs there is an underscore. But this worked before with Nextcloud.

No one has an idea what it might be?

I’ve tested it with LDAP Browser and everything works. Even with SSL. So the credentials are fine as well as the server and DN.

Something seems to be off with the AIO installation but what?
I updated to 9.3.0.

I’ve upgraded to 9.4.1 and have the following error when using ldap:

When I use ldaps I’ll get:

Still no connection possible.

Okay I’ve got a little further now.

After setting the following settings (and only this way) I’ve seen some improvement:

  1. Set server as ldaps://<FQDN!>
  2. Set port as 636 or SSL port
  3. Tick the checkbox at “Manually enter LDAP filters (recommended for large directories)”

Afterwards base DN could be detected and some entries could be found:

So IMHO there seems to be a bug while trying to use the standard settings.

Still no users could be synced but I’ll see where this goes.
But please look at this as this definitely is a bug!
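The three manual settings from the post, applied through occ instead of the web wizard so the configuration is reproducible and testable from the shell. This is an added example, not from the thread or from Nextcloud; it assumes AIO's Nextcloud container is named nextcloud-aio-nextcloud, that occ runs there as www-data, that the LDAP config ID is s01, and placeholder values for the FQDN, bind DN, password and base DN.

```shell
#!/bin/sh
# Added example: push the working settings (ldaps://FQDN, port 636, manual
# filters) into Nextcloud's user_ldap config with occ, then run occ's own test.
set -eu

LDAP_FQDN="${LDAP_FQDN:-ldap.example.com}"                                     # placeholder
LDAP_BIND_DN="${LDAP_BIND_DN:-cn=svc-nextcloud,ou=service,dc=example,dc=com}"  # placeholder
LDAP_BIND_PW="${LDAP_BIND_PW:-changeme}"   # placeholder; inject from a secret, never hard-code
LDAP_BASE="${LDAP_BASE:-dc=example,dc=com}"                                     # placeholder

# occ: run inside the AIO Nextcloud container (assumed name), or only print when DRY_RUN=1.
occ() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        printf '%s\n' "occ $*"
    else
        docker exec --user www-data nextcloud-aio-nextcloud php occ "$@"
    fi
}

# configure_ldap CONFIG_ID: the three settings the poster needed, plus bind and base.
configure_ldap() {
    cfg="$1"
    # 1. ldaps:// with the FQDN, not the IP: the name must match the server certificate,
    #    so certificate checking stays on (turnOffCertCheck is deliberately left at 0).
    occ ldap:set-config "$cfg" ldapHost "ldaps://$LDAP_FQDN"
    # 2. the SSL port instead of the 389 the wizard detects
    occ ldap:set-config "$cfg" ldapPort 636
    occ ldap:set-config "$cfg" ldapAgentName "$LDAP_BIND_DN"
    occ ldap:set-config "$cfg" ldapAgentPassword "$LDAP_BIND_PW"
    occ ldap:set-config "$cfg" ldapBase "$LDAP_BASE"
    # 3. "Manually enter LDAP filters": filter mode 1 = raw filter, not wizard-generated.
    #    The filters below are constructed AD-style examples; narrow them for production.
    occ ldap:set-config "$cfg" ldapUserFilterMode 1
    occ ldap:set-config "$cfg" ldapUserFilter "(&(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))"
    occ ldap:set-config "$cfg" ldapLoginFilterMode 1
    occ ldap:set-config "$cfg" ldapLoginFilter "(&(objectClass=person)(sAMAccountName=%uid))"
    occ ldap:set-config "$cfg" ldapGroupFilterMode 1
    occ ldap:set-config "$cfg" ldapGroupFilter "(objectClass=group)"
    occ ldap:set-config "$cfg" ldapConfigurationActive 1
}

# verify_ldap CONFIG_ID: occ's built-in bind/base-DN check for that configuration.
verify_ldap() {
    occ ldap:test-config "$1"
}
```

Create the config first with `occ ldap:create-empty-config` (it prints the ID, s01 for the first one), then run `configure_ldap s01 && verify_ldap s01`; set `DRY_RUN=1` to review the commands before applying them.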