Hello, is it possible to connect a Nextcloud on another server in the network to the SAMBA AD of the Nethserver8 via LDAP?
Are there any instructions for this?
Kind regards Frank
If you have an NS8 Samba DC and a Nextcloud server (not NS8) on the same LAN, there’s one important setting you must not forget to enable for them to work together.
The DC must be provisioned with the following option:
Provide file shares and authentication to Windows clients
See also: https://docs.nethserver.org/projects/ns8/en/latest/user_domains.html#active-directory
This option ensures that Samba binds to the NS8 LAN IP address and becomes visible to other LAN hosts.
Hello, I have set the point with “Provide file shares and authentication to Windows clients” and set the LAN interface.
Unfortunately no success: Connection to LDAP server could not be established
We have installed the NS8 on Debian 12 in a VM under Proxmox. The Nextcloud (external) was installed as an LXC container on the same Proxmox host.
I tested it and these settings in Nextcloud administration - LDAP/AD integration worked. 192.168.3.31 is my NS8 samba server.
Server:
Users:
Login Attributes:
Groups:
Many thanks for your help! I also have these settings analogous to my domain.
root@nextcloud:~# ldapsearch -H ldaps://192.168.7.11:389 -D "ldapservice@ad.procurator.immobilien" -W -b "cn=ad,dc=procurator,dc=immobilien"
Enter LDAP Password:
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
On port 389 STARTTLS is used so you need ldap:// instead of ldaps://.
To enable STARTTLS the -Z option is needed.
NS8 doesn’t use a valid cert for samba so you need to add LDAPTLS_REQCERT=never before ldapsearch to ignore the cert.
This ldapsearch command worked in my test:
LDAPTLS_REQCERT=never ldapsearch -H ldap://192.168.3.31:389 -D "ldapservice@ad.mrmarkuz.com" -W -Z -b "dc=ad,dc=mrmarkuz,dc=com"
If you like to use TLS on port 636 this one should work:
LDAPTLS_REQCERT=never ldapsearch -H ldaps://192.168.3.31:636 -D "ldapservice@ad.mrmarkuz.com" -W -b "dc=ad,dc=mrmarkuz,dc=com"
Very good and thanks for the help. Now I’m getting closer.
root@nextcloud:~# LDAPTLS_REQCERT=never ldapsearch -H ldap://192.168.3.244:389 -D "ldapservice@ad.funkquelle.net" -W -Z -b "cn=ad,dc=funkquelle,dc=net"
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <cn=ad,dc=funkquelle,dc=net> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# search result
search: 3
result: 32 No such object
text: acl_read: Error retrieving instanceType for base. at source4/dsdb/samdb/ldb_modules/acl_read.c:967
# numResponses: 1
root@nextcloud:~#
However, this does not yet work via the Nextcloud GUI. Do I have to change anything on the LXC container (Nextcloud) or on the VM (NS8)?
The Nextcloud settings from the screenshots should just work.
I found that I had an error in the command, it’s “dc=ad” instead of “cn=ad” in the base DN, I corrected my previous post.
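A pre-flight check for the two mistakes corrected in this thread (ldaps:// on port 389, and cn=ad instead of dc=ad in the base DN), as an added example that is not part of any post above. Function names are hypothetical, the sample values are constructed, and it assumes the bind user's UPN suffix is the AD DNS domain.

```bash
#!/usr/bin/env bash
# Added example: function names are hypothetical, sample values are constructed.

# AD DNS domain -> base DN, e.g. ad.example.test -> dc=ad,dc=example,dc=test
domain_to_base_dn() {
    local domain="$1" dn="" label
    local IFS=.
    for label in $domain; do
        dn="${dn:+$dn,}dc=$label"
    done
    printf '%s\n' "$dn"
}

# lint_ldap_args URI BIND_UPN BASE_DN STARTTLS(yes|no)
# Prints one line per problem; returns 0 if none were found, 1 otherwise.
# Handles hostname/IPv4 URIs only. Assumes the UPN suffix is the AD DNS domain.
lint_ldap_args() {
    local uri="$1" upn="$2" base="$3" starttls="$4"
    local scheme="${uri%%://*}" rest="${uri#*://}" port want lbase problems=0
    case $rest in
        *:*) port=${rest##*:} ;;
        *)   if [ "$scheme" = ldaps ]; then port=636; else port=389; fi ;;
    esac
    # 389 is plain LDAP upgraded by STARTTLS (-Z); 636 is TLS from the first byte.
    if [ "$scheme" = ldaps ] && [ "$port" = 389 ]; then
        echo "scheme: ldaps:// on port 389; use ldap:// with -Z, or ldaps:// on 636"
        problems=$((problems + 1))
    elif [ "$scheme" = ldap ] && [ "$port" = 636 ]; then
        echo "scheme: ldap:// on port 636; port 636 expects ldaps://"
        problems=$((problems + 1))
    elif [ "$scheme" = ldap ] && [ "$starttls" != yes ]; then
        echo "tls: ldap:// without -Z leaves the simple bind unencrypted"
        problems=$((problems + 1))
    fi
    # The base DN must be the domain root or a subtree of it (compared case-insensitively).
    want=$(domain_to_base_dn "${upn#*@}" | tr 'A-Z' 'a-z')
    lbase=$(printf '%s' "$base" | tr 'A-Z' 'a-z')
    case $lbase in
        "$want"|*,"$want") ;;
        *) echo "base: '$base' is not under the domain root '$want'"
           problems=$((problems + 1)) ;;
    esac
    [ "$problems" -eq 0 ]
}

# Demo with constructed values (192.0.2.10 and example.test are placeholders).
lint_ldap_args "ldaps://192.0.2.10:389" "ldapservice@ad.example.test" \
    "cn=ad,dc=example,dc=test" no || true
```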
OK, I have changed the base DN from cn=ad to dc=ad. I still can’t communicate with the NS8 to set the other parameters.
Do I need to change anything else on the LXC container (Nextcloud) or on the VM (NS8)?