I’m struggling to get a second NS server to join our first NS server configured as “Active Directory local accounts provider”. In my view the documentation is not really clear: should I use the “Join remote AD” method or the “remote LDAP” method?
After failing to get the first method to work I tried to connect using remote LDAP and it worked, at least it looks so: no error messages with that configuration:
AD provider side:
“Client” side:
Now I want my user to be able to log onto the Nextcloud instance hosted on that NS, but it doesn’t work. Basically it can’t connect to the LDAP server ("app":"user_ldap","message":"No LDAP Connection to server").
Indeed, I need shared folders authentication (SMB with > 15 employees). In my view AD is kind of an LDAP on steroids. That’s the authentication scheme that annoyed me. I hate those strange login ids with backslashes, domain names and terminating with a $ sign, it makes me nervous, I never really understood that thing coming right from the nineties.
I must admit that I was a bit exhausted last night. After some experimentation with an LDAP browser, I was able to understand how this thing was working and to get the right parameters for Nextcloud authentication. I was expecting NethServer to automagically configure itself after having joined the AD? I guess that the situation where Nextcloud is not installed on the same machine is not supported? Also the documentation should emphasize the fact that the main NethServer instance is NOT the AD server (it is the virtual instance created at setup), it wasn’t so clear at that time, even if it sounds so obvious now.
It also turned out that the autocomplete feature of OSX Safari interferes with Nextcloud’s authentication fields! The fields are randomly and silently autocompleted even when they are hidden behind the various steps of the LDAP configuration wizard. This added some confusion when debugging this issue. I’ll get in touch with the Nextcloud team to make them aware of this.