The WebTop and Nextcloud admin accounts are working. These are the applications' own built-in users, provided by the applications themselves, and have nothing to do with the LDAP/AD admin user. So you can’t log in with the AD/LDAP user, but the app admin works. So the information about a wrong AD/LDAP configuration is correct.
Found a link for Webtop with AD:
EDIT:
What’s the result of
[root@server ~]# account-provider-test dump
{
"BindDN" : "CMB\\SERVER$",
"LdapURI" : "ldaps://ad.cmb.local",
"StartTls" : "",
"port" : 636,
"host" : "ad.cmb.local",
"isAD" : "1",
"isLdap" : "",
"UserDN" : "dc=ad,dc=cmb,dc=local",
"GroupDN" : "dc=ad,dc=cmb,dc=local",
"BindPassword" : "
...
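Do you have ldap or ldaps in LdapURI? Is the port correct? (ldaps:// normally goes with port 636; plain ldap://, with or without StartTLS, normally goes with 389.)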
EDIT2:
Here is the working AD part of my /etc/sogo/sogo.conf for comparison:
/etc/sogo/sogo.conf
/* 45 AD authentication */
/* Two SOGo user sources backed by Active Directory over LDAPS: one for user
   accounts (AD_Users) and one for groups (AD_Groups). Both use the same
   bindDN and baseDN.
   NOTE(review): this file holds the bind credentials in clear text. Keep it
   readable only by the SOGo service account, and redact bindPassword before
   sharing the file. */
SOGoUserSources =(
{
id = AD_Users;
type = ldap;
/* AD attributes used for the display name, the identifier and the login name. */
CNFieldName = cn;
IDFieldName = sAMAccountName;
UIDFieldName = sAMAccountName;
/* The IMAP login is taken from userPrincipalName rather than sAMAccountName. */
IMAPLoginFieldName = userPrincipalName;
/* This source is used to verify logins, not only for lookups. */
canAuthenticate = YES;
/* DOMAIN\account bind identity; a trailing "$" is the AD naming convention
   for a computer (machine) account. */
bindDN = "CMB\\SERVER$";
/* NOTE(review): the value is not printable ASCII here. It was presumably
   masked or mangled by the paste; confirm against the live file. */
bindPassword = "ﶟ昂";
/* The search base is the domain root, and scope = SUB below covers the whole
   subtree. NOTE(review): a narrower OU would limit what this source can
   enumerate; confirm whether that is wanted. */
baseDN = "dc=ad,dc=cmb,dc=local";
/* Attributes a typed login name is matched against to find the entry to bind as. */
bindFields = (
sAMAccountName,
userPrincipalName
);
/* ldaps:// scheme: TLS from the start of the connection.
   NOTE(review): whether the server certificate is validated depends on the
   LDAP client configuration, which is not visible here. */
hostname = ldaps://ad.cmb.local;
/* SOGo qualifier syntax (quoted value), not an RFC 4515 LDAP filter string. */
filter = "(objectClass='user')";
MailFieldNames = ("userPrincipalName");
scope = SUB;
displayName = "cmb.local users";
/* Entries from this source are offered as an address book in SOGo. */
isAddressBook = YES;
},
{
id = AD_Groups;
type = ldap;
CNFieldName = name;
IDFieldName = sAMAccountName;
UIDFieldName = sAMAccountName;
/* NOTE(review): authentication is enabled on the group source as well;
   confirm this is intended. */
canAuthenticate = YES;
/* Same bind identity as the AD_Users source. */
bindDN = "CMB\\SERVER$";
/* NOTE(review): this renders differently from the AD_Users bindPassword
   although bindDN is identical. That presumably points to a mangled paste
   rather than two passwords; confirm against the live file. */
bindPassword = "櫖ﶟ";
baseDN = "dc=ad,dc=cmb,dc=local";
hostname = ldaps://ad.cmb.local;
/* Restricts results to group objects; 268435456 (0x10000000) is the
   sAMAccountType value for security groups. */
filter = "(objectClass='group') AND (sAMAccountType=268435456)";
MailFieldNames = ("userPrincipalName");
scope = SUB;
displayName = "cmb.local groups";
isAddressBook = YES;
}
);