Nextcloud LDAP AD Authentication

NethServer Version: 7.9.2003
Module:… Ldap

Sorry for the inconvenience family

I hope that you are well and with good health

I am trying to join a separate Nextcloud server that I’ve put in place.

But I would like to connect it through the LDAP module.

With the nethserver nextcloud ad I took for example, I can’t bind into ldap nethserver

“error can’t contact the server”

Please, Houston, help

Best regards all of you

@Vitor_Hugo_Barbosa

Hi Vitor!

I do not understand which way you want to connect…
NethServer AD connects to NethServer LDAP
or
NethServer LDAP connects to NethServer AD?

My 2 cents
Andy

It sounds like the objective is to have Nextcloud on a remote server authenticate against AD on a Neth server.

1 Like

Yes another (container) with Nextcloud joining nethserver AD ldap…

Here is a working config to compare:

2 Likes

Yes all that I need mark

1 Like

yes yes … YEAHHHHHHHHHHHHHH DONE, MANY THANKS

First I tried to allow ports 636 and 389 on NethServer.
On the Nextcloud container I allowed them with ufw installed (Debian 10, no GUI obviously):
ufw allow 636
ufw allow 389

Then, in the Nextcloud LDAP parameters (user admin settings --> install the LDAP module first, and on the LDAP configuration put the following):
(this IP is fictitious)
1st line: ldaps://192.168.4.30 (for the NethServer-side info, go to: Users and groups --> Active Directory local --> click Details --> 6th line, “IP active directory”, “the AD sssd IP container”), port 636
2nd line: ldapservice@ad.job.local
3rd line: bind password from your NethServer (Users and groups --> Active Directory local --> click Details --> 2nd line (Bind password))
Save the authentication information (button)
4th line: dc=ad,dc=job,dc=local, detect; if you have a green light you have already contacted the server

On the Users pane
I selected: computer, person, user

Change LDAP request:

SELECT THE AD GROUP NAMES THAT YOU HAVE CREATED ON NETHSERVER USERS AND GROUPS, AND USERS (CHOICES SHOWN in the Nextcloud LDAP filter)

Login attributes:
user LDAP/AD (selected)

Change LDAP request:
select Domain Users, NethServer user AD groups, etc. (as you like) …

Groups
only these object classes: group, top

only on these groups: Administrators, Account Operators, Domain Users, Users, “NethServer AD group created on NethServer Users and groups”

Click the button
verify the settings …

done

Log off from your Nextcloud user account

Nextcloud web login

login user: tato
password: your AD user password

and there you go

After that, the first Nextcloud login landing page will be shown to you


1 Like

Hi Andy, how are you?

I managed to connect my Nextcloud via LDAP…

I did it… (lazy to translate the rest of the sentence)

1 Like

Hi Vitor

Doing well!

All well, playing around with my new Proxmox, a HP Microserver Gen10 Plus…
Will be upgrading CPU and RAM, to a 6 Core, 12 Thread Xeon, and 64 GB RAM. (At the moment 32 GB).
For the Dual 10 GBE NIC I need to wait 4-6 weeks… :frowning:

But nice, compact, fairly powerful - and quiet!

Now installed in server-cabinet…

My 2 cents
Andy

4 Likes

:star_struck: Wonderful, Andy. RAID mdadm or ZFS RAID? :slight_smile:

ATM a single disk, waiting for some SSDs.

ZFS-Mirror is the goal… :slight_smile:

I’m planning for 2-3 such servers in cluster, and another one to be used as FreeNAS / TrueNAS, I also plan on replacing my present PBS with the same HP hardware. :slight_smile:

Nice thing is that the Server (Ordered without RAID Board) passes the Disks native to the OS - perfect for ZFS! This also allows for good SMART monitoring…

1 Like

Are you using HPE iLO for management?

@pike

Yes, I’m using ILO for OOB Management…

Well, even multifactor works perfectly on Nextcloud; this project is for a client…
NethServer + RAID Proxmox + MFA + synchronisation + Nextcloud + pfSense + VDI GPU passthrough for Windows VMs
Ryzen 9 as processor and fulllll of RAM… The advantage is that Ryzen already has a GPU embedded in it (easier for GPU passthrough), which they need for an architectural 3D program… on the VMs
… The highlights… What do you think? It is not confirmed yet, but the objective is that, with the Proxmox enterprise support module (800 euros/annually)…

Hi

The Ryzen isn’t a bad CPU; depending on the exact model, it has quite good stats.

However, the Ryzen is NOT a Server CPU…
You will find the Ryzen in a lot of PCs, Notebooks, some NAS - but hardly any in Servers…

The Ryzen CPU works very well in Proxmox.

For my clients, I hardly use HW-Passthru, as this defeats HA / Migration. As soon as HW is involved, fast Migration won’t work, in fact, any Migration becomes a PITA, even a simple USB Stick!

I have seen a Proxmox built on Mac HW, with a Mac running virtualized in Proxmox, and a much faster graphics card built in and passed through to the Mac. This was also used for 3D/CAD…
The whole Proxmox was essentially a powerful workstation here, not a virtualisation server anymore…

A fun project, but I’d keep that Proxmox separate and NOT in the company cluster, if they are using one…

Is the 3D CPU application intended for local use (Working on a Proxmox connected Monitor) or for eg RDP Remote usage?

CAD and 3D are always a bit difficult. I have some doctors as clients and DICOM Images (X-Ray / Ultrasonic Images) are similar to CAD. Size, Quality and MRI Machines have a very high resolution nowadays…

My 2 cents
Andy

Yes, I know it is not a server one, and it will be RDP accessing GPU resources

1 Like

RDP with high quality imaging is often an issue, especially with latency…
Like rotating an object in 3D. Locally no issue, but over RDP, as the whole image more or less changes, the compression / rendering have issues, especially on large screens, like doctors, engineers and architects like to use… :slight_smile:

Thanks Andy

1 Like

I could not get this to work for my network, can someone please assist me, been trying for over a week to get this working :exploding_head:

Below is my config and what I am entering on Nextcloud

Nethserver

[root@localhost html]# realm discover bhpl.com
bhpl.com
type: kerberos
realm-name: BHPL.COM
domain-name: bhpl.com
configured: no
server-software: active-directory
client-software: sssd
required-package: oddjob
required-package: oddjob-mkhomedir
required-package: sssd
required-package: adcli
required-package: samba-common-tools

Nextcloud on CentOS 8

password is from bindings shown in config on nethserver

Did you allow invalid certs in the advanced settings (top right)?

Please also check nextcloud logs.
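
An added example, not part of the thread and not NethServer or Nextcloud code: a Python pre-flight check for the settings in the working setup above (ldaps:// host, port 636, bind account, base DN). It separates a blocked or closed port from a certificate the client does not trust, the two causes raised in the replies. The function names and result labels are assumptions made for this example, the IP and domain are the fictitious ones from the thread, and `base_dn_from_upn` assumes the base DN mirrors the AD domain as it does in those values.

```python
import socket
import ssl
from urllib.parse import urlparse

DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}

def parse_ldap_url(url):
    """Split an ldap:// or ldaps:// URL into (scheme, host, port)."""
    parts = urlparse(url)
    if parts.scheme not in DEFAULT_PORTS or not parts.hostname:
        raise ValueError(f"not an LDAP URL: {url!r}")
    return parts.scheme, parts.hostname, parts.port or DEFAULT_PORTS[parts.scheme]

def base_dn_from_upn(upn):
    """Derive the base DN from the domain part of the bind account."""
    user, sep, domain = upn.partition("@")
    if not (user and sep and domain):
        raise ValueError(f"expected user@domain, got {upn!r}")
    return ",".join(f"dc={label}" for label in domain.lower().split("."))

def classify(exc):
    """Map a connection error to a label (labels are this example's own)."""
    if isinstance(exc, ssl.SSLCertVerificationError):
        return "untrusted-cert"   # port open, TLS answered, cert not trusted
    if isinstance(exc, ssl.SSLError):
        return "tls-error"        # e.g. plain LDAP answering on the ldaps port
    if isinstance(exc, (socket.timeout, TimeoutError)):
        return "filtered"         # packets dropped, typically a firewall
    if isinstance(exc, ConnectionRefusedError):
        return "refused"          # host up, nothing listening on that port
    return "unreachable"          # DNS failure, no route, other OS error

def probe(url, timeout=5.0):
    """Connect as an LDAP client would; return 'ok' or the failure label."""
    scheme, host, port = parse_ldap_url(url)
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            if scheme == "ldaps":
                ctx = ssl.create_default_context()  # verifies chain and name
                with ctx.wrap_socket(sock, server_hostname=host):
                    pass
        return "ok"
    except OSError as exc:
        return classify(exc)

if __name__ == "__main__":
    # Constructed values: the fictitious IP and bind account from the thread.
    print(base_dn_from_upn("ldapservice@ad.job.local"))
    print(probe("ldaps://192.168.4.30", timeout=3.0))
```

A result of "filtered" or "refused" points at the 389/636 firewall rules on either side; "untrusted-cert" is the situation the question about invalid certificates in the advanced settings refers to.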