Problem: Federation Share to an LDAP Group

Support intro

Sorry to hear you’re facing problems :slightly_frowning_face:

help.nextcloud.com is for home/non-enterprise users. If you’re running a business, paid support can be accessed via portal.nextcloud.com where we can ensure your business keeps running smoothly.

In order to help you as quickly as possible, before clicking Create Topic please provide as much of the below as you can. Feel free to use a pastebin service for logs, otherwise either indent short log examples with four spaces:

example

Or for longer, use three backticks above and below the code snippet:

longer
example
here

Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can :heart:

Nextcloud version: 18.0.4
Operating system and version: Debian 10 Linux xxx 4.19.0-6-amd64 #1 SMP Debian 4.19.67-2+deb10u2 (2019-11-11) x86_64 GNU/Linux

Apache or nginx version: Server version: Apache/2.4.43 (Debian)
PHP version: PHP 7.3.18-1+0~20200514.58+debian10~1.gbp12fa4f

The issue you are facing:
When sharing a folder to an federated group which is provided by the remote ldap, I retrieve the error: InvalidArgumentException: Invalid Federated Cloud ID.
Sharing the same folder to the same instance but to an “internal” nextcloud group works fine.

Is this the first time you’ve seen this error? Yes

Steps to replicate it:

  1. Install Nextcloud, Create a folder
  2. Have a remote Instance (with ldap groups) you don’t control and you want to share with.
  3. Enable group federative share on both sides (or just the retrieving side ?)
  4. Share your folder with ldap-group@cloud.remote-instance.org or ldap-group@https://cloud.remote-instance.org and retrieve the error
  5. (Optional) Share your folder with (nextcloud group) admin@cloud.remote-instance.org or admin@https://cloud.remote-instance.org and retrieve a success

The output of your Nextcloud log in Admin > Logging:

[no app in context] Error: InvalidArgumentException: Invalid Federated Cloud ID at <<closure>>

0. /var/www/owncloud/lib/private/Collaboration/Collaborators/RemoteGroupPlugin.php line 61
   OC\Collaboration\Collaborators\RemoteGroupPlugin->splitGroupRemote("reffi@")
1. /var/www/owncloud/lib/private/Collaboration/Collaborators/Search.php line 65
   OC\Collaboration\Collaborators\RemoteGroupPlugin->search("reffi@", 200, 0, OC\Collaboration ... {})
2. /var/www/owncloud/apps/files_sharing/lib/Controller/ShareesAPIController.php line 221
   OC\Collaboration\Collaborators\Search->search("ldap-group@", [0,1,4,6,9], false, 200, 0)
3. /var/www/owncloud/lib/private/AppFramework/Http/Dispatcher.php line 170
   OCA\Files_Sharing\Controller\ShareesAPIController->search("ldap-group@", "folder", 1, 200, ["0","1","6","9","7","10","8","4"], false)
4. /var/www/owncloud/lib/private/AppFramework/Http/Dispatcher.php line 99
   OC\AppFramework\Http\Dispatcher->executeController(OCA\Files_Sharin ... {}, "search")
5. /var/www/owncloud/lib/private/AppFramework/App.php line 125
   OC\AppFramework\Http\Dispatcher->dispatch(OCA\Files_Sharin ... {}, "search")
6. /var/www/owncloud/lib/private/AppFramework/Routing/RouteActionHandler.php line 47
   OC\AppFramework\App::main("OCA\\Files_Shar ... r", "search", OC\AppFramework\ ... {}, {_route: "ocs.fi ... "})
7. <<closure>>
   OC\AppFramework\Routing\RouteActionHandler->__invoke({_route: "ocs.fi ... "})
8. /var/www/owncloud/lib/private/Route/Router.php line 299
   call_user_func(OC\AppFramework\ ... {}, {_route: "ocs.fi ... "})
9. /var/www/owncloud/ocs/v1.php line 82
   OC\Route\Router->match("/ocsapp/apps/fi ... s")

GET /ocs/v1.php/apps/files_sharing/api/v1/sharees?format=json&itemType=folder&search=reffi@&lookup=false&perPage=200&shareType[]=0&shareType[]=1&shareType[]=6&shareType[]=9&shareType[]=7&shareType[]=10&shareType[]=8&shareType[]=4
from xx.xx.xx.240 by xxx at 2020-05-27T08:46:45+00:00

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "18.0.4.2",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbtableprefix": "oc_",
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "forcessl": true,
        "ldapIgnoreNamingRules": false,
        "theme": "",
        "maintenance": false,
        "trusted_domains": [
            "cloud.xxx.xx",
            "xxx.xx-xxx.xx",
            "cloudpad.xx.xxx"
        ],
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpmode": "sendmail",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "loglevel": 0,
        "trashbin_retention_obligation": "auto",
        "overwrite.cli.url": "https:\/\/cloud.xxx.xxx",
        "memcache.local": "\\OC\\Memcache\\APCu",
        "app_install_overwrite": [
            "calendar",
            "ownpad",
            "user_pwauth",
            "documents"
        ],
        "mysql.utf8mb4": true
    },
    "apps": {
        "accessibility": {
            "enabled": "yes",
            "installed_version": "1.4.0",
            "types": ""
        },
        "activity": {
            "enable_email": "no",
            "enabled": "yes",
            "installed_version": "2.11.0",
            "types": "filesystem"
        },
        "admin_audit": {
            "enabled": "yes",
            "installed_version": "1.8.0",
            "types": "logging"
        },
        "backgroundjob": {
            "lastjob": "1433"
        },
        "bookmarks": {
            "enabled": "no",
            "installed_version": "2.3.4",
            "types": ""
        },
        "bruteForce": {
            "whitelist_1": "xxx.xxxx.0.0\/24",
            "whitelist_2": "xxx.xxxx.1.0\/24"
        },
        "bruteforcesettings": {
            "enabled": "yes",
            "installed_version": "1.6.0",
            "types": ""
        },
        "calendar": {
            "enabled": "yes",
            "installed_version": "2.0.3",
            "types": ""
        },
        "cloud_federation_api": {
            "enabled": "yes",
            "installed_version": "1.1.0",
            "types": "filesystem"
        },
        "comments": {
            "enabled": "yes",
            "installed_version": "1.8.0",
            "types": "logging"
        },
        "contacts": {
            "enabled": "no",
            "installed_version": "3.3.0",
            "types": ""
        },
        "core": {
            "backgroundjobs_mode": "cron",
            "default_encryption_module": "OC_DEFAULT_MODULE",
            "encryption_enabled": "yes",
            "enterpriseLogoChecked": "yes",
            "global_cache_gc_lastrun": "1436795148",
            "installed.bundles": "[\"CoreBundle\"]",
            "installedat": "1389104474.6485",
            "lastcron": "1590569533",
            "lastupdateResult": "[]",
            "lastupdatedat": "1590567612",
            "moveavatarsdone": "yes",
            "oc.integritycheck.checker": "[]",
            "previewsCleanedUp": "1",
            "public_caldav": "calendar\/share.php",
            "public_calendar": "calendar\/share.php",
            "public_documents": "documents\/public.php",
            "public_files": "files_sharing\/public.php",
            "public_gallery": "gallery\/public.php",
            "public_webdav": "dav\/appinfo\/v1\/publicwebdav.php",
            "remote_caldav": "dav\/appinfo\/v1\/caldav.php",
            "remote_calendar": "dav\/appinfo\/v1\/caldav.php",
            "remote_carddav": "dav\/appinfo\/v1\/carddav.php",
            "remote_contacts": "dav\/appinfo\/v1\/carddav.php",
            "remote_core.css": "\/core\/minimizer.php",
            "remote_core.js": "\/core\/minimizer.php",
            "remote_dav": "dav\/appinfo\/v2\/remote.php",
            "remote_files": "dav\/appinfo\/v1\/webdav.php",
            "remote_filesync": "files\/appinfo\/filesync.php",
            "remote_webdav": "dav\/appinfo\/v1\/webdav.php",
            "repairlegacystoragesdone": "yes",
            "scss.variables": "35a20dc699bda08b826f180197856b39",
            "shareapi_allow_share_dialog_user_enumeration": "no",
            "shareapi_default_expire_date": "yes",
            "theming.variables": "ee69444d3d1a73753ae4340410876f7e",
            "updater.secret.created": "1588004644",
            "vendor": "nextcloud"
        },
        "dav": {
            "buildCalendarReminderIndex": "yes",
            "buildCalendarSearchIndex": "yes",
            "chunks_migrated": "1",
            "enabled": "yes",
            "installed_version": "1.14.0",
            "regeneratedBirthdayCalendarsForYearFix": "yes",
            "types": "filesystem"
        },
        "documents": {
            "converter": "local",
            "enabled": "no",
            "installed_version": "0.16.0",
            "types": "",
            "unstable": "false"
        },
        "encryption": {
            "enabled": "yes",
            "installed_version": "2.6.0",
            "masterKeyId": "master_312ea844",
            "publicShareKeyId": "pubShare_9fd5400f",
            "recoveryAdminEnabled": "1",
            "recoveryKeyId": "recovery_454d6396",
            "types": "filesystem",
            "useMasterKey": "0"
        },
        "federatedfilesharing": {
            "enabled": "yes",
            "installed_version": "1.8.0",
            "types": ""
        },
        "federation": {
            "autoAddServers": "0",
            "enabled": "yes",
            "installed_version": "1.8.0",
            "types": "authentication"
        },
        "files": {
            "backgroundwatcher_previous_file": "1275",
            "backgroundwatcher_previous_folder": "575",
            "cronjob_scan_files": "500",
            "default_quota": "10 GB",
            "enabled": "yes",
            "installed_version": "1.13.1",
            "types": "filesystem"
        },
        "files_locking": {
            "enabled": "no",
            "installed_version": "",
            "types": "filesystem"
        },
        "files_pdfviewer": {
            "enabled": "no",
            "installed_version": "1.7.0",
            "types": ""
        },
        "files_rightclick": {
            "enabled": "yes",
            "installed_version": "0.15.2",
            "types": ""
        },
        "files_sharing": {
            "enabled": "yes",
            "incoming_server2server_group_share_enabled": "yes",
            "installed_version": "1.10.1",
            "outgoing_server2server_group_share_enabled": "yes",
            "types": "filesystem"
        },
        "files_texteditor": {
            "enabled": "no",
            "installed_version": "2.8.0",
            "types": ""
        },
        "files_trashbin": {
            "enabled": "yes",
            "installed_version": "1.8.0",
            "types": "filesystem,dav"
        },
        "files_versions": {
            "enabled": "yes",
            "installed_version": "1.11.0",
            "types": "filesystem,dav"
        },
        "files_videoplayer": {
            "enabled": "yes",
            "installed_version": "1.7.0",
            "types": ""
        },
        "files_videoviewer": {
            "enabled": "no",
            "installed_version": "0.1.3",
            "ocsid": "166054",
            "types": ""
        },
        "firstrunwizard": {
            "enabled": "yes",
            "installed_version": "2.7.0",
            "types": "logging"
        },
        "gallery": {
            "enabled": "no",
            "installed_version": "18.4.0",
            "types": ""
        },
        "logreader": {
            "enabled": "yes",
            "installed_version": "2.3.0",
            "levels": "01111",
            "types": ""
        },
        "lookup_server_connector": {
            "enabled": "yes",
            "installed_version": "1.6.0",
            "types": "authentication"
        },
        "metadata": {
            "enabled": "yes",
            "installed_version": "0.11.1",
            "types": ""
        },
        "nextcloud_announcements": {
            "enabled": "no",
            "installed_version": "1.6.0",
            "pub_date": "Thu, 24 Oct 2019 00:00:00 +0200",
            "types": "logging"
        },
        "notifications": {
            "enabled": "yes",
            "installed_version": "2.6.0",
            "types": "logging"
        },
        "oauth2": {
            "enabled": "yes",
            "installed_version": "1.6.0",
            "types": "authentication"
        },
        "onlyoffice": {
            "DocumentServerInternalUrl": "",
            "DocumentServerUrl": "https:\/\/collabora.xx.xxx\/",
            "StorageUrl": "",
            "defFormats": "{\"docx\":\"true\",\"xlsx\":\"true\",\"pptx\":\"true\",\"ppsx\":\"true\",\"txt\":\"false\",\"csv\":\"false\"}",
            "enabled": "no",
            "installed_version": "4.1.1",
            "jwt_secret": "",
            "sameTab": "false",
            "settings_error": "Bad Request oder Timeout Fehlermeldung",
            "skey": "1521837389370",
            "types": "filesystem"
        },
        "ownpad": {
            "enabled": "yes",
            "installed_version": "0.6.14",
            "ownpad_ethercalc_enable": "yes",
            "ownpad_ethercalc_host": "https:\/\/calc.xxx.xxx",
            "ownpad_etherpad_apikey": "dc406b2ca3237109cf20eba813560264e27134b5ad80e44a7dc63e61f3617f70",
            "ownpad_etherpad_cookie_domain": "xxx.xxx",
            "ownpad_etherpad_enable": "yes",
            "ownpad_etherpad_host": "https:\/\/xxx.xxx.xxxn\/",
            "ownpad_etherpad_public_enable": "no",
            "ownpad_etherpad_useapi": "yes",
            "types": ""
        },
        "ownpad_lite": {
            "enabled": "no",
            "installed_version": "0.2",
            "types": ""
        },
        "password_policy": {
            "enabled": "yes",
            "enforceHaveIBeenPwned": "0",
            "installed_version": "1.8.0",
            "types": ""
        },
        "photos": {
            "enabled": "no",
            "installed_version": "1.0.0",
            "types": ""
        },
        "privacy": {
            "enabled": "yes",
            "installed_version": "1.2.0",
            "types": ""
        },
        "provisioning_api": {
            "enabled": "yes",
            "installed_version": "1.8.0",
            "types": "prevent_group_restriction"
        },
        "recommendations": {
            "enabled": "yes",
            "installed_version": "0.6.0",
            "types": ""
        },
        "richdocuments": {
            "disable_certificate_verification": "",
            "enabled": "yes",
            "installed_version": "3.5.0",
            "types": "filesystem,dav,prevent_group_restriction",
            "wopi_url": "https:\/\/collabora.xxx.xxx"
        },
        "search_lucene": {
            "enabled": "no",
            "installed_version": "0",
            "ocsid": "168709",
            "types": "filesystem"
        },
        "serverinfo": {
            "enabled": "yes",
            "installed_version": "1.8.0",
            "types": ""
        },
        "settings": {
            "enabled": "yes",
            "installed_version": "1.0.0",
            "types": ""
        },
        "sharebymail": {
            "enabled": "yes",
            "installed_version": "1.8.0",
            "types": "filesystem"
        },
        "support": {
            "enabled": "no",
            "installed_version": "1.1.0",
            "types": "session"
        },
        "survey_client": {
            "apps": "no",
            "database": "no",
            "enabled": "no",
            "encryption": "no",
            "files_sharing": "no",
            "installed_version": "1.5.0",
            "php": "no",
            "server": "no",
            "stats": "no",
            "types": ""
        },
        "systemtags": {
            "enabled": "yes",
            "installed_version": "1.8.0",
            "types": "logging"
        },
        "tasks": {
            "enabled": "yes",
            "installed_version": "0.12.2",
            "types": ""
        },
        "tasks_enhanced": {
            "enabled": "no",
            "installed_version": "0.4.1",
            "types": ""
        },
        "templateeditor": {
            "enabled": "no",
            "installed_version": "0.2",
            "types": ""
        },
        "text": {
            "enabled": "yes",
            "installed_version": "2.0.0",
            "types": "dav"
        },
        "theming": {
            "backgroundMime": "image\/png",
            "cachebuster": "13",
            "color": "#AF0000",
            "enabled": "yes",
            "faviconMime": "image\/png",
            "installed_version": "1.9.0",
            "logoMime": "image\/png",
            "name": "XXX Cloud",
            "slogan": "***REMOVED SENSITIVE VALUE***",
            "types": "logging",
            "url": "***REMOVED SENSITIVE VALUE***"
        },
        "twofactor_backupcodes": {
            "enabled": "yes",
            "installed_version": "1.7.0",
            "types": ""
        },
        "updatenotification": {
            "bookmarks": "2.3.4",
            "bruteforcesettings": "1.6.0",
            "calendar": "2.0.3",
            "core": "18.0.4.2",
            "enabled": "[\"admin\"]",
            "files_pdfviewer": "1.2.1",
            "files_rightclick": "0.15.1",
            "installed_version": "1.8.0",
            "metadata": "0.10.0",
            "onlyoffice": "4.1.1",
            "richdocuments": "3.6.0",
            "tasks": "0.13.1",
            "theming": "1.4.5",
            "types": "",
            "update_check_errors": "0",
            "user_pwauth": "2.6.4"
        },
        "updater": {
            "enabled": "no",
            "installed_version": "0.6",
            "types": ""
        },
        "user_external": {
            "enabled": "no",
            "installed_version": "0.4",
            "ocsid": "166060",
            "types": "authentication,prelogin"
        },
        "user_ldap": {
            "enabled": "no",
            "installed_version": "0.4.3",
            "ocsid": "166061",
            "types": "authentication"
        },
        "user_pwauth": {
            "enabled": "yes",
            "installed_version": "2.6.4",
            "pwauth_path": "\/usr\/sbin\/pwauth",
            "types": "authentication",
            "uid_list": "1000-2000"
        },
        "user_webdavauth": {
            "enabled": "no",
            "installed_version": "0",
            "types": "authentication"
        },
        "viewer": {
            "enabled": "yes",
            "installed_version": "1.2.0",
            "types": ""
        },
        "workflowengine": {
            "enabled": "yes",
            "installed_version": "2.0.0",
            "types": "filesystem"
        }
    }
}

The output of your Apache/nginx/system log in /var/log/____:
Apache2. No Error log.

cloud.xxx.xxx:443 xx.xx.xx.240 - - [27/May/2020:10:55:57 +0200] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 200 4979 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"
cloud.xxx.xxx:443 xx.xx.xx.240 - - [27/May/2020:10:55:45 +0200] "GET /index.php/apps/logreader/poll?lastReqId=8QZUluyqdMC6auIJ1XL6 HTTP/1.1" 200 1298 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"
cloud.xxx.xxx:443 xx.xx.xx.240 - - [27/May/2020:10:55:58 +0200] "POST /ocs/v2.php/apps/files_sharing/api/v1/shares HTTP/1.1" 403 1098 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:76.0) Gecko/20100101 Firefox/76.0"

Did you solve the problem? We have the same. We can create federated shares with LDAP user but not with LDAP groups.

Nextcloud 20.0.4