Indeed, I need shared folders authentication (SMB with > 15 employees). In my view AD is kind of an LDAP on steroids. That's the authentication scheme that annoyed me. I hate those strange login IDs with backslashes, domain names and terminating with a $ sign; it makes me nervous. I never really understood that thing coming right from the nineties.
I must admit that I was a bit exhausted last night. After some experimentation with an LDAP browser, I was able to understand how this thing was working and to get the right parameters for Nextcloud authentication. I was expecting NethServer to automagically configure itself after having joined the AD? I guess that the situation where Nextcloud is not installed on the same machine is not supported? Also, the documentation should emphasize the fact that the main NethServer instance is NOT the AD server (it is the virtual instance created at setup); it wasn't so clear at that time, even if it sounds so obvious now.
It also turned out that the autocomplete feature of OSX Safari interferes with Nextcloud's authentication fields! The fields are randomly and silently autocompleted even when they are hidden behind the various steps of the LDAP configuration wizard. This added some confusion when debugging this issue. I'll get in touch with the Nextcloud team to make them aware of this.
Thanks for helping!
EDIT: The Nextcloud issue is known and handled: https://github.com/nextcloud/server/issues/4476