Nextcloud LDAP integration with Zimbra

saifulslm09 · May 25, 2023, 2:01pm

I am using nextcloud 22.2.0 version. I am trying to integrate LDAP with zimbra. But I am still stuck at base DN thing. It’s not detecting automatically, so I manually input base DN: dc=domain,dc=com

I input my DN as: uid=zimbra,cn=admins,cn=zimbra

I am getting this error:

The base DN appears to be wrong. No object found in the given Base DN. Please revise.

From log:

{“reqId”:“wbJGva5ZyMSz6O0Nz2iB”,“level”:2,“time”:“2023-05-25T13:54:21+00:00”,“remoteAddr”:“10.136.1.4”,“user”:“admin”,“app”:“user_ldap”,“method”:“POST”,“url”:“/index.php/apps/user_ldap/ajax/wizard.php”,“message”:“Configuration Error (prefix s01): login filter does not contain %uid place holder.”,“userAgent”:“Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/113.0”,“version”:“22.2.10.2”}

Please advise.

jtr · June 1, 2023, 6:26pm

Shouldn’t your User DN also have dc?

saifulslm09 · June 6, 2023, 10:27am

I updated my DN as uid=zimbra,cn=admins,cn=zimbra,dc=domain,dc=com

But still I am getting the same error while test Base DN;

“The base DN appears to be wrong. No object found in the given Base DN.”

jtr · June 6, 2023, 8:52pm

Out of curiosity, does occ ldap:test-config succeed?

Sounds a little like this:

github.com/nextcloud/server

[Bug]: user_ldap Attempt for Paging? in Logging

opened 04:29PM - 14 Feb 22 UTC

q-wertz

bug 0. Needs triage 25-feedback

### ⚠️ This issue respects the following points: ⚠️ - [X] This is a **bug**, no…t a question or a configuration/webserver/proxy issue. - [X] This issue is **not** already reported on Github _(I've searched it)_. - [X] Nextcloud Server **is** up to date. See [Maintenance and Release Schedule](https://github.com/nextcloud/server/wiki/Maintenance-and-Release-Schedule) for supported versions. - [X] I agree to follow Nextcloud's [Code of Conduct](https://nextcloud.com/contribute/code-of-conduct/). ### Bug description In the admin logging I get the Error "Attempt for Paging?" from the `user_ldap` app. Not sure if related, but the LDAP/AD integration interface says `Configuration incorrect` and that `The Base DN appears to be wrong` but when checking on command line everything appears to be correct ```shell root@machine01:/var/www/nextcloud# sudo -u www-data ./occ ldap:test-config s03 The configuration is valid and the connection could be established! ``` Using google I stumbled into this https://github.com/owncloud/user_ldap/issues/423 which seems related. ### Steps to reproduce 1. Have a working LDAP config 2. (Maybe due to update) 3. Get error message in the Web interface ### Expected behavior - Command line tool and Web interface return the self results from the config check - A more precise message why the base DN is wrong when everything appears to work fine ### Installation method Manual installation ### Operating system Debian/Ubuntu ### PHP engine version PHP 7.4 ### Web server Nginx ### Database engine version MariaDB ### Is this bug present after an update or on a fresh install? Updated to a major version (ex. 22.2.3 to 23.0.1) ### Are you using the Nextcloud Server Encryption module? Encryption is Disabled ### What user-backends are you using? - [x] Default user-backend _(database)_ - [X] LDAP/ Active Directory - [ ] SSO - SAML - [ ] Other ### Configuration report ```shell { "system": { "instanceid": "***REMOVED SENSITIVE VALUE***", "passwordsalt": "***REMOVED SENSITIVE VALUE***", "secret": "***REMOVED SENSITIVE VALUE***", "trusted_domains": [ "nc.top.secret.de", "nc.topp.secret.de" ], "datadirectory": "***REMOVED SENSITIVE VALUE***", "dbtype": "mysql", "version": "22.2.3.0", "overwrite.cli.url": "https:\/\/nc.top.secret.de", "dbname": "***REMOVED SENSITIVE VALUE***", "dbhost": "***REMOVED SENSITIVE VALUE***", "dbport": "", "dbtableprefix": "oc_", "dbuser": "***REMOVED SENSITIVE VALUE***", "dbpassword": "***REMOVED SENSITIVE VALUE***", "installed": true, "mysql.utf8mb4": true, "maintenance": false, "session_lifetime": 604800, "session_keepalive": true, "mail_smtpmode": "smtp", "mail_sendmailmode": "smtp", "mail_domain": "***REMOVED SENSITIVE VALUE***", "mail_from_address": "***REMOVED SENSITIVE VALUE***", "mail_smtphost": "***REMOVED SENSITIVE VALUE***", "mail_smtpport": "25", "default_language": "de_DE", "default_locale": "de", "default_phone_region": "DE", "skeletondirectory": "", "loglevel": 2, "updater.release.channel": "stable", "app_install_overwrite": [ "drawio" ], "mail_smtpsecure": "tls", "ldapIgnoreNamingRules": false, "ldapProviderFactory": "OCA\\User_LDAP\\LDAPProviderFactory", "memcache.local": "\\OC\\Memcache\\APCu", "memcache.distributed": "\\OC\\Memcache\\Redis", "memcache.locking": "\\OC\\Memcache\\Redis", "redis": { "host": "***REMOVED SENSITIVE VALUE***", "port": 0, "password": "***REMOVED SENSITIVE VALUE***" } } } ``` ### List of activated Apps ```shell Enabled: - accessibility: 1.8.0 - activity: 2.15.0 - admin_audit: 1.12.0 - appointments: 1.11.12 - bruteforcesettings: 2.3.0 - calendar: 3.0.5 - calendar_resource_management: 0.1.0 - circles: 22.1.1 - cloud_federation_api: 1.5.0 - comments: 1.12.0 - contacts: 4.0.7 - dashboard: 7.2.0 - dav: 1.19.0 - deck: 1.5.5 - drawio: 1.0.2 - federatedfilesharing: 1.12.0 - federation: 1.12.0 - files: 1.17.0 - files_external: 1.13.0 - files_pdfviewer: 2.3.1 - files_rightclick: 1.1.0 - files_sharing: 1.14.0 - files_trashbin: 1.12.0 - files_versions: 1.15.0 - files_videoplayer: 1.11.0 - firstrunwizard: 2.11.0 - groupfolders: 10.0.2 - integration_gitlab: 1.0.3 - integration_openproject: 1.0.6 - logreader: 2.7.0 - lookup_server_connector: 1.10.0 - news: 17.0.1 - nextcloud_announcements: 1.11.0 - notifications: 2.10.1 - oauth2: 1.10.0 - password_policy: 1.12.0 - photos: 1.4.0 - polls: 3.4.2 - privacy: 1.6.0 - provisioning_api: 1.12.0 - quota_warning: 1.13.0 - recommendations: 1.1.0 - serverinfo: 1.12.0 - settings: 1.4.0 - sharebymail: 1.12.0 - smb_test: 0.3.3 - support: 1.5.0 - systemtags: 1.12.0 - tasks: 0.14.2 - text: 3.3.0 - theming: 1.13.0 - twofactor_backupcodes: 1.11.0 - updatenotification: 1.12.0 - user_ldap: 1.12.1 - user_status: 1.2.0 - viewer: 1.6.0 - weather_status: 1.2.0 - workflowengine: 2.4.0 Disabled: - contactsinteraction - encryption - mail - ransomware_protection - survey_client ``` ### Nextcloud Signing status ```shell No errors have been found. ``` ### Nextcloud Logs ```shell {"reqId":"xM6hlC9vjtmWFGEx5Lpo","level":3,"time":"2022-02-14T16:18:33+00:00","remoteAddr":"123.456.789.123","user":"admin.sonn","app":"user_ldap","method":"POST","url":"/apps/user_ldap/ajax/wizard.php","message":"Attempt for Paging? ","userAgent":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","version":"22.2.3.0","id":"620a80d9cb9ae"} ``` ### Additional info We are using Global Catalog (port 3269)

saifulslm09 · June 9, 2023, 1:59pm

Hi,

I have tested it with openLDAP and it was successful. No configuration error.

I think zimbra’s user DN is the issue which I could not solve yet.