troubleshooting Question

Nextcloud LDAP Connect with Windows AD failed

Avatar of Ralph Scharping
Ralph ScharpingFlag for Germany asked on
* LDAPWindows OSUbuntuLinuxLinux OS Dev
5 Comments1 Solution17 ViewsLast Modified:
Hi. We have a Windows AD with 2 DCs (2016 and 2012r2). Trying to connect fresh installed Nextcloud (Ubuntu, Nginx) with LDAP for User and Group Sync. Both Systems in the same Subnet, only Windows Firewall between.
Normal AD-User Operations are ok, like Connecting Windows PCs...
Nearly the Same setup done a few times without any Problems.

When I fill the LDAP integration Fields within Nextcloud get the following Errors:
Little Popup tells: "The Base DN appears to be wrong"

Base DN Detect tells me: "Base DN could not be auto-detected, please revise credentials, host and port".

Credentials are filled and proofed, also tested with an Administrator and another user account.
Credentials tested as follows (in other Setups this seems ok):
CN=Nextcloud,OU="OU of the User",DC=local,DC="Domain name",DC=de

In the Nextcloud Error-Log I get:
Error: ldap_search(): Search: Operations error at /var/www/nextcloud/apps/user_ldap/lib/LDAP.php#341
/var/www/nextcloud/apps/user_ldap/lib/LDAP.php - line 229:
OCA\User_LDAP\LDAP->OCA\User_LDAP\{closure}("*** sensiti ... *")
/var/www/nextcloud/apps/user_ldap/lib/LDAP.php - line 341:
/var/www/nextcloud/apps/user_ldap/lib/LDAP.php - line 234:
OCA\User_LDAP\LDAP->invokeLDAPMethod("*** sensiti ... *")
/var/www/nextcloud/apps/user_ldap/lib/Access.php - line 1094:
/var/www/nextcloud/apps/user_ldap/lib/Access.php - line 1098:
OCA\User_LDAP\Access->OCA\User_LDAP\{closure}("*** sensiti ... *")
/var/www/nextcloud/apps/user_ldap/lib/Access.php - line 1151:
OCA\User_LDAP\Access->invokeLDAPMethod("*** sensiti ... *")
/var/www/nextcloud/apps/user_ldap/lib/Access.php - line 1256:

I'm not sure how to test if its Nextcloud or my AD having an Problem.
In AD Log "Directory Service" from the 2016 DC there is no entry.
Trying to connect to the 2012r2 DC I get some Errors but not sure whether this is related to my Test:

- System
  - Provider
   [ Name]  Microsoft-Windows-ActiveDirectory_DomainService
   [ Guid]  {0e8478c5-3605-4e8c-8497-1e730c959516}
   [ EventSourceName]  NTDS LDAP
  - EventID 1535
  [ Qualifiers]  16384
   Version 0
   Level 4
   Task 16
   Opcode 0
   Keywords 0x8080000000000000
  - TimeCreated
[ SystemTime]  2021-05-08T08:50:37.195270700Z
   EventRecordID 18534371
  - Execution
   [ ProcessID]  576
   [ ThreadID]  1868
   Channel Directory Service
  - Security
   [ UserID]  S-1-5-7
- EventData
   000004DC: LdapErr: DSID-0C0907E9, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580

Please Help.

Ralph Scharping
Digital Therapist

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 5 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 5 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros