I have the SSO SAML app installed and activated, however I am not seeing “SSO & SAML Log in” on the login screen. No errors that I can find in any logs I am aware of.
I also have LDAP authentication enabled, but the “Allow the use of multiple user back-ends” is checked.
Just enabled or configured?
You’ll see this login option only after properly configuring it…
Here is an example
I suppose correct terminology would help in communicating my needs. The SSO SAML app was enabled and configured, I was not getting any errors so I assumed it was configured correctly. However, I will admit that SAML configurations in ADFS is a mental blind spot. I really struggle with it.
Will go back and check over everything. My problem at this point is a lack of logs, or reasoning, behind why the SSO option is not listed on the login page. My thought was that I would be able to troubleshoot issues as I attempted to log in.
Trial and error is the only way to tackle this…
Nextcloud docs on the SSO/SAML subject are enterprise only
https://portal.nextcloud.com/category/authentication/single-sign-on-x28%3Bsso-x29%3B/5/
I am aware of the support paywall, and I have no problem with it. At the moment I am trying to convince my boss to go with NC instead of Citrix Sharefile. If we deploy NC this year, then in next years budget will be an enterprise support license. I did the same thing with PFSense.
I will not be asking for help on this forum when it comes to configuring ADFS. The only thing I need to know is the requirements for getting the login button to show up. If I have that, I can go back and bang my head on the keyboard until I satisfy the requirements.
Will OpenID Connect instead of SAML do?
You can try to use this guide and replace Kolab with Nextcloud
https://www.privacyidea.org/versatile-2fa-single-sign-on-with-keycloak-and-privacyidea/
while using this app
https://apps.nextcloud.com/apps/oidc_login
Gives you a robust enterprise setup with LDAP and MFA…
I would have to do more digging to say one way or another. The key here is I don’t want my users to have to type in credentials.