Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum
Apps | Demo | Docs | Install
J

jfergus1

@jfergus1
About
Posts
2
Topics
1
Groups
0
Followers
0
Following
0

Posts

Recent Best Controversial
  • LDAP Group support in Nextcloud
    J jfergus1

    Hi. I am relatively new to Cloudron and have been experimenting with it the past couple of weeks to see if it is a solution for my enterprise. After finding that the LDAP groups are not available in apps, especially Nextcloud, it’s pretty much a deal breaker. As no has responded with a specific use case, I will outline mine.

    Currently users and groups are defined in active directory. Access control to files shares and specific folders is done via group membership. Essentially, only members of the team working on a specific project are allowed to access the files for the project.

    One of the benefits of Cloudron is to link the platform to active directory and not have to setup individual apps access to active directory over and over again. However, without the propagation of the AD groups through LDAPs to Cloudron and finally to apps themselves, I would need to essentially manage access control within each individual app which will lead to errors and a maintenance nightmare.

    I like the product thus far, but this current issue is giving me pause.

  • LDAP Group support in Nextcloud
    J jfergus1

    I did some experimenting today by setting up a Nextcloud ldap profile to a windows server domain controller via ldap. After Nextcloud connected to the DC, the groups received over LDAP were populated in Nextcloud as expected. Here's a difference I noticed between the Cloudron LDAP server and the Windows DC.

    In Nextcloud -> LDAP/AD integration -> tab Groups -> "Only these object classes":

    • When connected to the DC, this drop down has an object class named "group", when that is selected, the groups are populated in Nextcloud.
    • When connected to the Cloudron LDAP server, this drop down does NOT have an object class named "group", just inetorgperson, organizationalperson, person, top, and user. I did try manually creating the LDAP query for objectclass=group. Nextcloud does get the count of groups correct, however they do not auto populate.

    How do we get the Cloudron LDAP server to feed up the "group" object class?

    I also noticed that the Server Tab, the Base DN is set to ou=users,dc=cloudron. Since Groups are at ou=groups,dc=cloudron, I would expect the Base DN to just be dc=cloudron as the Base user tree and Base group tree are set in the advanced tab. However when I try to set the Base DN to dc=cloudron, nextcloud does not like the config anymore.

  • Login
  • Don't have an account? Register
  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search