Connecting Synology NAS to Cloudron LDAP fails

I think there may be an issue in the mapping between the Synology LDAP and Cloudron LDAP If you look at the first screenshot provided by imc67, we have the option to select which LDAP profile to use. If you use the standard profile, you immediately run into the issues that imc67 described. However if you change the profile to custom (see screenshot below), everything checks out fine except for the "Check server schema" which goes away if one enables CIFS plain text authentication. But then you still get stuck when the Synology tries to join the Cloudron directory.

I'm trying to find the logs on the synology to get more details.

Here are the synology docs for how to join a Synology NAS to an external LDAP directory: https://kb.synology.com/en-me/DSM/help/DSM/AdminCenter/file_directory_service_join?version=7

@imc67 said in Connecting Synology NAS to Cloudron LDAP fails:

Scherm­afbeelding 2022-12-22 om 09.32.22.png

I was able to make some more progress at this screenshot.

For user profile:
filter: (objectClass=user)
uid: username
uidNumber: HASH(uid)

For group profile:
filter: (objectClass=user)
cn: cn
uidNumber: HASH(uid)

Then you have to enable CIFS plain text authentication.

I am stuck at the final step. It is late here so will try to figure it out over the weekend.

@imc67 were you able to figure this out?

@p44 @perelin @Gengar thank you for your suggestions, I'll be sure to check them out! Will post an update here once I have made a decision regarding a DNS provider.

@joseph Thanks for the step by step instructions... seems straightforward enough!

@BrutalBirdie I was not aware that Hetzner offered a DNS service. Thanks for the tip, will check them out!

@p44 You raise several valid points. Infact when I originally setup the I.T infrastructure for my SME, I chose service providers primarily based on technical aspects. Secondary was the cost element, but I did not pay any mind to political aspects.

But recent events (e.g. Russian invasion of Ukraine, Trump's ongoing global trade war) have changed my point of view where I now feel that it is important to make some political considerations as well. After all, as a business, when choosing a trade partner, you want to be assured of a certain level of economic and regulatory stability, both of which are closely tied to politics.

Have companies such as Digital Ocean or Cloudflare wronged me or my business in any way? No
Was I satisfied with service that I received from them? Absolutely yes
Are they directly responsible for the decisions being made by the current US administration? No
Is it unfair for me to stop purchasing their services due to no fault of their own? Perhaps so

In trying to find suitable EU software providers for my business, I am just trying to safeguard the business from any ill effects that could be caused by the political turmoil and uncertainty that lies ahead. It could be the case that in some scenarios, I am unable to find an EU based alternative and therefore must continue to use a US based service. And that's fine too. But at least I would have done what I could to reduce risk and exposure.

Due to the recent Trump administration shenanigans, I have decided that I will make concerted efforts to reduce my dependency on U.S. software companies, wherever possible. Ever since I came across Cloudron 4 years ago, I have been using Digital Ocean as my VPS provider. However this past weekend, I switched to Hetzner thanks to the number of satisfied users on this forum. The transition went smoothly with only one app (Nextcloud) running into some issues which I was able to resolve by myself using the official Cloudron documentation - so great job @girish @nebulon and the rest of the Cloudron team!

I have also been using Cloudflare DNS during the above period and while I have been happy with the services rendered, I feel that I need to change to a DNS provider incorporated in a country that respects global democracy, such as an EU member state.

Bunny DNS seems to be a popular choice on reddit and is supported on Cloudron. Does anyone here have personal experience with them? Are there other providers worthy of consideration?

And how would I go about migrating from Cloudflare DNS to a new provider with minimal downtime to applications hosted on my Cloudron server?

Thanks in advance for your feedback! Once the DNS migration is complete, I will start to look at migrating my outbound email relay provider (currently Amazon SES) followed by my remote backup provider (Backblaze) to friendlier destinations.

Where has this page on the dashboard gone as I can't seem to find it? Running 7.6.1.

Thanks for posting. I was wondering why I was receiving some weird error messages when trying to make DNS changes via cloudron.

On the web browser, I get an error message "This page isn't redirecting properly" or "too many redirects" depending on the browser.

There are some errors in the server logs, I will send the log file via email.

@nebulon
/_admin is not showing anything.

Fresh install of Surfer on Cloudron v7.5.2 (Ubuntu 20.04.3 LTS).

Unable to access the admin interface via /_admin.

I created a new SMTP user and that worked like a charm. Not sure why adding an access key for the existing cloudron SMTP user doesn't work.
Either way, important thing is that it is working now.
You may mark this thread as resolved. Thanks!

I have been using Amazon SES as an SMTP relay on my main domain (Domain A) for almost two years, without any issues.

I recently purchased a new domain (Domain B) and added it to Cloudron. In trying to set up the cloudron mail server to also use Amazon SES for outbound emails, I keep on receiving the error message: "Invalid login: 535 Authentication Credentials Invalid."

DKIM Set up for Domain B on Amazon SES has been completed.

On the Amazon SES access management side of things, it is the same user for Domains A & B but with 2 different access keys. (Access key 1 for Domain A , Access key 2 for Domain B)

I thought about copying the SMTP credentials in Cloudron from Domain A to Domain B to see if that would work, but the unmask password button doesn't seem to be working.

Any suggestions on how best to troubleshoot? Thanks

@nj Thanks for your hard work with this! I am looking forward to the day this becomes available in the app store us n00bs.

@girish @nebulon awesome, thank you!

@girish @nebulon have you had some time to look into this? or is it a question better suited over at the baserow community?

@robi Agreed as the docs on Cloudron are currently empty.