Password reset with LDAP not working


I’m facing a strange issue on my Nextcloud instance, when trying to reset a LDAP user passwort:

Nextcloud version : 16.0.3
Operating system and version: Ubuntu 18.04 as docker host
Docker version: Docker 19.03.1
Docker image: official nextcloud image -> nextcloud:16
Apache or nginx version: nginx/1.15.7 on Synology NAS
PHP version: PHP 7.3.7
Synology-LDAP server: 2.4.40-2496

Note: I am using the nginx reverse proxy of my Synology NAS (IP: to forward all traffic of port 443 to my application server (IP:

I want to allow a user to reset his/her password via E-Mail. So far i have configured the E-Mail server and my test user is receiving the password reset mail.

Steps to replicate it:

  1. After clicking on the button in the mail i am forwarded to the password reset form of nextcloud (so far so good).
  2. Now, if i enter a new password and click on the “reset password” button nothing happens afterwards.

The output of your Nextcloud log in Admin > Logging:

there is no log generated which is related to this event. I have deleted the server log and repeated the procedure. Nothing is written to the server logs!


$CONFIG = array (
  'instanceid' => 'ocqbrfqwh5cb',
  'passwordsalt' => 'boop!',
  'secret' => 'boop!',
  'trusted_domains' =>
  array (
    0 => 'localhost',
    1 => '',
    2 => '',
  'datadirectory' => '/var/www/html/data',
  'dbtype' => 'mysql',
  'version' => '',
  'overwrite.cli.url' => '',
  'dbname' => 'nextcloud',
  'dbhost' => 'db',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'boop!',
  'dbpassword' => 'boop!',
  'installed' => true,
  'ldapIgnoreNamingRules' => false,
  'ldapProviderFactory' => 'OCA\\User_LDAP\\LDAPProviderFactory',
  'htaccess.RewriteBase' => '/',
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'apps_paths' =>
  array (
    0 =>
    array (
      'path' => '/var/www/html/apps',
      'url' => '/apps',
      'writable' => false,
    1 =>
    array (
      'path' => '/var/www/html/custom_apps',
      'url' => '/custom_apps',
      'writable' => true,
  'memcache.distributed' => '\\OC\\Memcache\\Redis',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'redis' =>
  array (
    'host' => 'redis',
    'port' => 6379,
  'maintenance' => false,
  'has_rebuilt_cache' => true,
  'theme' => '',
  'loglevel' => 2,

The output of your Apache/nginx/system log in /var/log/____:

no logs are generated during the click event. I have checked the logs inside the nextcloud container and the logs on my Synology NAS

Console output of my browser:
The only hint i have is, when i click on the button i can see the following logs beeing generated in the console of my Firefox 69 (opened using F12).

Content Security Policy: Die Einstellungen der Seite haben das Laden einer Ressource auf blockiert ("connect-src").

Sorry it’s german, but the meaning is: The settings of this page blocked a ressource while loading this page.

When i repeat the same with my Edge browser on Windows 10 i get an even more confusing message:

CSP14312: Die Direktive connect-src 'self' in Content-Security-Policy wurde durch eine Ressource verletzt: Die Ressource wird blockiert.

Does anyone have an idea what could be wrong?

Thanks in advance,



I found the solution by myself.

I analysed the link send within the reset E-Mail and realized, that nextcloud was generating a http link.
After studying the docs here i stumbled upon the config parameter ‘overwriteprotocol’ => ‘’,. I set it to ‘https’ and from now on the reset links are sent with https scheme. Furhtermore the password reset worked perfectly afterwards.