Nextcloud version 27.1.5
OS UBUNTU 22.04
Apache 2.4.58
PHP 8.2
Dovecot 2.3.16
The issue you are facing:
So I have Nextcloud fully working with normal password logins…
Mails arrive and part as expected.
I installed the OpenID Connect app with the following:

- Client ID: nextcloud
- Discovery endpoint: https://auth.example.org/realms/ArealRealmName/.well-known/openid-configuration
- Backchannel Logout URL: https://nextcloud.example.org/apps/user_oidc/backchannel-logout/keycloak
- Redirect URI (to be authorized in the provider client configuration): https://nextcloud.example.org/apps/user_oidc/code
I can log in with Keycloak to Nextcloud.
I can log in to Dovecot with Keycloak… I tested this with a script.
I included this script; you just need to transform it to name.sh and make it executable.
dovecot-tester.odt (33.3 KB)
When logged in via Keycloak, I can create a new mail account in the Nextcloud Mail app and this is seen at the next login; however, no mails arrive or part.
This is the main part of the /etc/dovecot/dovecot.conf file:

```
auth_mechanisms = plain login xoauth2 oauthbearer

passdb {
  driver = oauth2
  mechanisms = xoauth2 oauthbearer
  args = /etc/dovecot/dovecot-oauth2.conf.ext
}

userdb {
  driver = static
  args = uid=vmail gid=vmail home=/var/vmail/%d/%n
}

# authentication debug logging
auth_debug = yes
auth_verbose = yes

# provide SASL via unix socket to postfix
service auth {
  unix_listener /var/spool/postfix/private/auth {
    mode = 0660
    # Assuming the default Postfix user and group
    user = postfix
    group = postfix
  }
}
```
This is the part of /etc/dovecot/dovecot-oauth2-conf.ext:

```
introspection_url = https://auth.example.org/realms/whataname/protocol/openid-connect/token/introspect
introspection_mode = post
client_id = dovecot
client_secret = cdefkHGtkjdsfjr78fdsg855sdfgT8
```
The question is that when I log in to Nextcloud with Keycloak,
I see in the Mail app a small black circle with an exclamation sign inside; behind this is what appears to be my long-named cloud federation ID.
How can I use Keycloak with Dovecot to connect to an existing Nextcloud mail account?
Thanks for reading
Guy
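
For reference when debugging the `xoauth2` and `oauthbearer` mechanisms enabled in the configuration above, here is an added example (not part of the original post and not the contents of the attached tester script) that builds the SASL initial response a client sends for each mechanism and parses it back the way a server would. The user, token and host values are constructed placeholders.

```python
import base64
import json

SEP = "\x01"  # Ctrl-A field separator used by both mechanisms

def xoauth2_response(user, token):
    """XOAUTH2 initial client response: user=<u>^Aauth=Bearer <t>^A^A"""
    raw = f"user={user}{SEP}auth=Bearer {token}{SEP}{SEP}"
    return base64.b64encode(raw.encode()).decode()

def oauthbearer_response(user, token, host=None, port=None):
    """OAUTHBEARER (RFC 7628): GS2 header, optional host/port, then auth."""
    fields = [f"host={host}"] if host else []
    if port:
        fields.append(f"port={port}")
    fields.append(f"auth=Bearer {token}")
    raw = f"n,a={user}," + SEP + SEP.join(fields) + SEP + SEP
    return base64.b64encode(raw.encode()).decode()

def parse_response(b64):
    """Server-side view: return (mechanism, user, token) or raise ValueError."""
    raw = base64.b64decode(b64, validate=True).decode()
    if not raw.endswith(SEP + SEP):
        raise ValueError("response must end with two separators")
    head, *pairs = raw[:-2].split(SEP)
    fields = dict(p.split("=", 1) for p in pairs)
    if head.startswith("user="):
        mech, user = "XOAUTH2", head[len("user="):]
    elif head.startswith("n,"):
        authzid = head.split(",")[1]  # "a=<user>" or empty
        mech, user = "OAUTHBEARER", authzid[2:] or None
    else:
        raise ValueError("unrecognised header")
    scheme, _, token = fields.get("auth", "").partition(" ")
    if scheme.lower() != "bearer" or not token:
        raise ValueError("missing Bearer token")
    return mech, user, token

def decode_failure(b64_challenge):
    """On rejection the server sends a base64 JSON challenge; decode it."""
    return json.loads(base64.b64decode(b64_challenge))

if __name__ == "__main__":
    # Constructed sample values, not taken from the post.
    user, token = "guy@example.org", "constructed.access.token"
    for resp in (xoauth2_response(user, token),
                 oauthbearer_response(user, token, "imap.example.org", 143)):
        print(resp, "->", parse_response(resp))
```

Comparing the parsed user against the username the token introspection returns is a quick way to see whether the mail client and the identity provider agree on the account name.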