Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • availabilty of LDAP groups in apps

    Discuss
    8
    2 Votes
    8 Posts
    1k Views
    M

    @nebulon Would be great to see this in Cloudron 8 🙂 In combination with Nextcloud Group Folders this would give any admin a huge flexibilty in terms of rights and role models.

  • ldap authentication not working

    Solved Jellyfin
    17
    0 Votes
    17 Posts
    3k Views
    chymianC

    @nebulon

    the only thing I changed, after it was not working, was the servername in the general-settings, from an UUID to the fqdn, in the hope it would be better. that's all.

    sorry, I double thought of that also, but no, I haven't. I remember that after creating the instance I did set up my usual admin account & then had to add my personal user-account manually, I assumed there was no LDAP-connection (like wallabag), but did'nt check on it due to timely-restrictions. (means also NO time to fiddle with the setup)
    only after I added more users to it I checked for an LDAP-plugin and saw it is existent, but was not working. also - due to timely-restirctions - not investigating why it didn't work out of the box.
    since I had some time now, I started investigating, especially, since I had to create more and more user-accounts all way long, as the provided media gained on interests.

    after 35 years of systemadministration, I know, sometimes unexplainable things happen – it's just not always straight forward as it everyone would suspect.

    hab's gut derweil
    cheers
    günter

  • LDAP Config

    Solved Support
    5
    0 Votes
    5 Posts
    667 Views
    mdreiraM

    What I would like to do is that if I try to login to a new WP installation with the cloudron super-administrator user, an administrator user will be automatically generated in WP with my Cloudron access data. And if I enter as a common Cloudron user in WP, a user will be generated with their Cloudron access data with the role that I configure in the ldap plugin.

    In this way, if I also changed my login details in Cloudron, it would also change on all WP sites.

    This would also be good with the rest of the applications. It would simplify things a lot.

    This is possible?

  • Have a Cloudron instance as an LDAP provider?

    Locked Support
    7
    0 Votes
    7 Posts
    1k Views
    girishG

    @marcusquinn I marked this one as locked, but let me ask you some questions in the other thread.

  • LDAP for Discourse (and NodeBB)

    Solved Feature Requests
    4
    5 Votes
    4 Posts
    725 Views
    girishG

    Discourse has OIDC by now. NodeBB has no "supported" plugin, this has to be opened upstream.

  • Add user-specified groups to the LDAP server

    Feature Requests
    5
    3 Votes
    5 Posts
    593 Views
    jdaviescoatesJ

    Even if we could just get LDAP groups working with Nextcloud that'd be a big win imho given how many of us use Nextcloud (I think I'm correct in assuming it's the 2nd most popular app on Cloudron?)

  • Unable to login to app after update to 6.0

    Solved Support
    11
    0 Votes
    11 Posts
    861 Views
    mehdiM

    @girish Yes, it does appear to pass the correct credentials, and the function in question seems to give no error. I'll try to debug further on the app side, but for now I think we can just file this as an unexplained weird thing 🤷

  • Extra fields in LDAP

    Feature Requests
    13
    4 Votes
    13 Posts
    1k Views
    LonkleL

    @nebulon said in Extra fields in LDAP:

    The phonenumber for Mattermost is one such use-case, but that can be also solved without custom fields.

    Assuming there might be a need for this in the future - what was the solution you thought of?

    Also, even if app's don't use the fields, just having the Cloudron User directory more fleshed out might be a good thing for reference sake.

  • unusual ldap / user workflow

    Dolibarr
    12
    3 Votes
    12 Posts
    1k Views
    E

    @nebulon nice i like this sort of reply 🙂

  • 2 Votes
    7 Posts
    848 Views
    girishG

    Yup, saw that! It's on my todo list now to update peertube accordingly.

  • Help about LDAP

    Support
    2
    0 Votes
    2 Posts
    427 Views
    nebulonN

    This appears to be someone/bot trying out common usernames in one of your apps. Unfortunately this is not too uncommon, but also not an a real issue if you have strong passwords. The requests will be rate-limited as well to prevent proper brute-force attacks.

    The internal IP is associated to an app, it may or may not change when an app is restarted. However the ldap logs might indicate there are multiple apps configured to use LDAP. The port is actually dynamic per request, so that is the reason why it does not show in docker ps/inspect

  • Prevent Username/Email Change by users

    Moved Solved Feature Requests
    7
    0 Votes
    7 Posts
    826 Views
    girishG

    This is implemented in 5.4

  • What is behind this lookup in LDAP?

    Support
    2
    0 Votes
    2 Posts
    398 Views
    nebulonN

    Yes those log lines indicate a login attempt by an app. Each app makes the requests on the Cloudron local network. So different IPs indicate different apps.

    In your case it looks like someone/bot tries to login to some or your apps.

  • Does anybody use the plugin LDAP write in Nextcloud ?

    Solved Nextcloud
    4
    0 Votes
    4 Posts
    618 Views
    JOduMonTJ

    @nebulon said in Does anybody use the plugin LDAP write in Nextcloud ?:

    That is correct, our ldap server does not allow any modification or writes to the user directory.

    that is smart, because it is so easy to mess with LDAP

  • -1 Votes
    6 Posts
    688 Views
    nebulonN

    I will lock this thread in favor of https://forum.cloudron.io/topic/2189/ldap-ad-server to not divert the discussion

  • External LDAP servers?

    Discuss
    2
    0 Votes
    2 Posts
    330 Views
    girishG

    @YurkshireLad We don't use an external LDAP server ourselves but our customers use Active Directory or Okta often.

    OpenLDAP should work well with Cloudron's integration though.

  • I'm confused about Cloudron LDAP... do we have it or not?

    Solved Support
    4
    0 Votes
    4 Posts
    564 Views
    scookeS

    Merci beaucoup!

  • matrix user registration

    Solved Matrix (Synapse/Element)
    8
    0 Votes
    8 Posts
    1k Views
    girishG

    @xavierl I have pushed a new version of synapse that allows matrix to manage it's own users. If you re-install synapse, you will see this option.

  • Secure LDAP?

    Solved Support
    6
    0 Votes
    6 Posts
    740 Views
    girishG

    I think there's a genuine case in the future where if we introduce per-app admins, then app admin can access terminal of one app to see traffic (and sniff ldap/db creds) of another app. I think it's an excellent suggestion to remove it!

  • How to enable LDAP support in LAMP app?

    Moved Solved LAMP
    13
    1 Votes
    13 Posts
    2k Views
    girishG

    The latest LAMP app now has LDAP addon enabled. For existing installations, LDAP will still be off (sorry).