Nextcloud AIO LDAPS setup

Hello,

I’m trying to configure LDAPS within my Nextcloud AIO instance.
The basic LDAP configuration works, but when I try to use ldaps I get the error message “Lost connection to ldap server”.


The only things I change between the ldap and ldaps configurations are:

  • redeploy nextcloud AIO
    - stop and remove containers
    - Update docker-compose.yml adding NEXTCLOUD_TRUSTED_CACERTS_DIR=
    - run docker-compose
  • In LDAP integration
    - add ldaps:// before my ldap server FQDN
    - change port from 389 to 636

is the path to a directory on my host containing 1) the CA certificate 2) the certificate from the ldap server (signed by the CA)

I saw in several forums that I should declare my ldap server certificate to allow Nextcloud to use it, but I do not understand how to do that…

Moreover I’m pretty sure my ldap server is correctly configured because I’m already using it with LDAPS to log on to other services (Syno DSM, pfSense)

My infra:
Host : Synology NAS (with container manager)
NextCloud AIO version : v10.7.0

Thanks in advance for your help

There may be more clues if you enable additional logging. See the Admin Manual section on LDAP Troubleshooting.

I’ve checked the log file but I did not find any useful information…

I’ve continued to search on the internet and found the following additional steps:

  • Change ldap server by IP address (to avoid any DNS issue. The IP address is in SAN field of server certificate)
  • Manually copy certificates (the CA and ldap server) into nextcloud container (in /etc/ssl/certs)
  • Import certificates with occ command
  • Add “TLS_CACERT /etc/ssl/certs/CA_File_Name” into /etc/openldap/ldap.conf

And that works :smiley:
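The certificate steps from the post above, scripted as an added example (not the poster's own commands, and not Nextcloud AIO's). It assumes the AIO Nextcloud container is named nextcloud-aio-nextcloud (the AIO default), that the CA and the LDAP server certificate are PEM files named ca.pem and ldap-server.pem next to the script, and that LDAP_HOST is the FQDN or IP entered in the LDAP integration; the `verify` step checks from the host that the server's chain validates against the CA and that the SAN covers that host before anything in Nextcloud is changed.

```shell
#!/bin/sh
# Added example, not the thread's own commands. Assumptions: the AIO Nextcloud
# container is nextcloud-aio-nextcloud (AIO default), the CA and the LDAP server
# certificate are PEM files ca.pem / ldap-server.pem next to this script, and
# LDAP_HOST is the FQDN or IP configured in the LDAP integration settings.
set -eu

NC_CONTAINER="${NC_CONTAINER:-nextcloud-aio-nextcloud}"
CA_FILE="${CA_FILE:-ca.pem}"
SERVER_FILE="${SERVER_FILE:-ldap-server.pem}"
LDAP_HOST="${LDAP_HOST:-ldap.example.internal}"   # placeholder, set your own
LDAP_CONF="/etc/openldap/ldap.conf"

# Set exactly one "TLS_CACERT <path>" line in an ldap.conf file (idempotent).
set_tls_cacert() {
    conf="$1" cacert="$2" tmp="$(mktemp)"
    {
        [ -f "$conf" ] && grep -v '^TLS_CACERT' "$conf" || true   # keep other lines
        printf 'TLS_CACERT %s\n' "$cacert"
    } > "$tmp"
    mv "$tmp" "$conf"
}

# 0 if the conf points at the given CA file, 1 otherwise.
tls_cacert_is() { grep -qx "TLS_CACERT $2" "$1"; }

# Host-side check before touching Nextcloud: does the server present a chain that
# validates against our CA, and does the server cert's SAN cover LDAP_HOST
# (the poster switched to the IP because of exactly this mismatch)?
verify_chain() {
    openssl s_client -connect "$LDAP_HOST:636" -CAfile "$CA_FILE" -verify_return_error \
        </dev/null >/dev/null
    openssl x509 -in "$SERVER_FILE" -noout -ext subjectAltName | grep -q "$LDAP_HOST"
}

# Steps 2-4 of the post: copy both certificates into the container, import them
# into Nextcloud's certificate store with occ, point the OpenLDAP client at the CA.
install_certs() {
    for f in "$CA_FILE" "$SERVER_FILE"; do
        docker cp "$f" "$NC_CONTAINER:/etc/ssl/certs/$(basename "$f")"
        docker exec --user www-data "$NC_CONTAINER" \
            php occ security:certificates:import "/etc/ssl/certs/$(basename "$f")"
    done
    docker cp "$NC_CONTAINER:$LDAP_CONF" ./ldap.conf 2>/dev/null || : > ./ldap.conf
    set_tls_cacert ./ldap.conf "/etc/ssl/certs/$(basename "$CA_FILE")"
    docker cp ./ldap.conf "$NC_CONTAINER:$LDAP_CONF"
    docker exec --user www-data "$NC_CONTAINER" php occ security:certificates  # list what is trusted
}

case "${1:-}" in verify) verify_chain ;; install) install_certs ;; esac
```

Run `sh ldaps-certs.sh verify` first; a failure there means the certificate or SAN is the problem, not Nextcloud.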
