Nethserver 8 - I am not able to log into Nextcloud with any email address, but I can log in with same email addresses into Webtop

Nethserver 8 -

Testing logging into Nextcloud with email address I receive a username or password is incorrect from Nextcloud, I can however log in with just the username without the domain.

Testing logging into Webtop on the same Node with the same OpenLDAP provider works as expected, as in, I can log in with either the email address or username.

This is the Nextcloud error I receive with an email address login attempt -

2024-11-28T17:48:35+11:00 [1:nextcloud1:nextcloud-app] NOTICE: PHP message: [nextcloud][no app in context][2] {“reqId”:“vQie7lZ5uVY15Rm72MYw”,“level”:2,“time”:“2024-11-28T06:48:35+00:00”,“remoteAddr”:“192.168.15.40”,“user”:“–”,“app”:“no app in context”,“method”:“POST”,“url”:“/login”,“message”:“Login failed: [i have removed]@[i have removed] (Remote IP: 192.168.15.40)”,“userAgent”:“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36”,“version”:“28.0.9.1”,“data”:}

Notes-
I only have one provider and one node in this test.
Fresh installation on Rocky and is fully patched.
In setting up the server, I deleted the first provider set up and then I created a new provider.
Emails are incoming and outgoing without issues.

Webtop seems to just allow just appending the domain that is set in the Webtop app settings in cluster-admin without checking LDAP.

Nextcloud seems to check the LDAP mail field but it’s not filled with a mail address.

To enable login by mail address you need to enable “LDAP/AD Email Address” in the “LDAP/AD-Integration” in Nextcloud admistration settings.

To set mail addresses in LDAP/AD you could use LAM, see also ns8:applications:lam [NethServer & NethSecurity], as regards AD RSAT tools should work too.

Now you should be able to login to Nextcloud using the mail address.

3 Likes

Thanks Markus,

That worked.

Do you know if there are any plans to automate this as part of the user creation in the future?

1 Like

The mail LDAP attribute could become modifiable from both the cluster-admin and user portal if future core features, such as Single Sign-On, require it. However, there is currently no timeline for this.

2 Likes