Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


SOLVED LDAP: Login with username is not possible anymore



  • Hello Team,

    out of a sudden it is not possible to login to Nextcloud via username. It still works with the e-mail address. If I try to check a username in the LDAP / AD integration -> Login Attributes section then Nextcloud returns the following error message:

    User not found. Please check your login attributes and username. Effective filter (to copy-and-paste for command-line validation):
    (&(&(|(objectclass=user)))(|(uid=someusername)(|(mailPrimaryAddress=someusername)(mail=someusername))))
    

    If I check the email addess then Nextcloud returns a User found and settings verified. message. In contrast the database user admin is still able to login via username.

    I already doublechecked the userconfig inside my.cloudron but I didn't stumble upon any specific misconfiguration. Could someone please point me into the right direction?

    Kind regards


  • Staff

    I do wonder where that filter is coming from in your case. Cloudron should set it (and also reset it during app restart) to:

    (&(objectclass=user)(|(username=%uid)(mail=%uid)))
    


  • I tried your idea to simply restart the app which solved the issue. 😄
    Nevertheless I can't reproduce what caused the problem in first place - also I'm not able to tell how the filter changed.

    Thank you very much for your quick support!


  • Staff

    Yeah ideally to prevent such changes of settings, we would be able to hide that UI within the nextcloud settings panel, but I don't see how that can be done.


  • App Dev

    @nebulon Custom plugin to hide it. I can write the plugin later and test then just include the plugin with the app.


  • Staff

    Given our experience with Nextcloud plugin handling, I would rather not want to maintain such a plugin actually. Ideally the ldap plugin itself (which is at least part of the core package) would have a flag to show/hide the UI. Not sure if this would get any traction upstream, but if you want to get your hands into a custom plugin, maybe you could roughly check if such a flag would be possible to add?


  • App Dev

    @nebulon hmmm yeah I could see the potential for extra work, but as long as the css for the ldap plugin doesn't change too much I'd imagine it would a "build it once and forget about it" situation.

    That said, adding the option to disable the ldap UI for non-admins is a no-brainer I'm sure for Nextcloud programmers.


Log in to reply