Tight integration of Nextcloud with OpenLDAP

I’m using NC 18 and would like to hear from anyone who has successfully set up an OpenLDAP server to control cloud access. I currently use only local users’ accounts administered by NC but would like to extend the security envelope with LDAP. I know there is some support for LDAP but would appreciate some advice on configuring Apache2 virtual servers for this purpose and for incorporating external virtual servers which will be available from inside the NC instance. My LDAP is up and running but Apache2 virtual servers are a daunting task and LDAP is very cryptic as well.


I haven’t done this with OpenLDAP, but the Microsoft flavor - Active Directory - works fine.
Since v12, IIRC…

I used some flavours here. MS AD with and without encryption (ports 389/636) and OpenLDAP with phpLDAPadmin as a GUI.

Both times I used dedicated servers for the LDAP instance, but OpenLDAP should also be usable on the same box.

From the Nextcloud point of view there is not much difference. You set your LDAP filters correctly in the NC web GUI and you are good to go.

The hardest part, in my opinion, is to make the right decision on how to configure said LDAP filters in the first place, since you do not want to change too much when it's already in production.

Yes. This is the problem for me. The external websites I have configured into NC are virtual hosts under Apache2 so I was really asking for advice and tips, pitfalls for seamlessly moving from the NC interface to an attached external website referenced from within NC, while still keeping control of the users. This is a way to publish static websites visible only to the community I have in NC. OpenLDAP being the ‘glue’ to keep it all together.

Sounds like you need a full-on SSO setup. You’re going to need more than just OpenLDAP for that.
