LDAP user backend + Active Directory

Ask all your questions regarding OC 4.x and older. Please read the Support Forum Rules
Forum rules
Version 4 is not supported anymore! Please upgrade your ownCloud for security and support.
Before you post; make sure you are using at least PHP Version 5.3.x - Also read Support Forum - Read this before posting

LDAP user backend + Active Directory

Postby nkx » Sat Mar 03, 2012 3:06 am

How to make the authentication work with Active Directory?

When I turn on the LDAP user backend, the App settings show in the admin panel, but there is nothing in Users list. I can't even see owncloud users anymore.
I use the following settings:
Host: activedirectory_serveraddress
Port:389
Name: adminusername
Filter: (sAMAccountName=%uid)
Base: dc=sub_domain,dc=domaincontroller_name,dc=com
checked "case insensitive LDAP server"

I can't even find any records regarding this issue in logs. Looked all possible log files, such as /var/log/ and etc.
dependencies status is OK including php-ldap.

How do I test if the owncloud server authenticate with AD?

Passed Tests (8)
  • PHP Version:5.3.3
  • Server Software:(Apache) Apache/2.2.15 (CentOS)
  • Apache Mode:mod_php
  • php.ini:upload_max_filesize:40M
  • php.ini:post_max_size:40M
  • php.ini:memory_limit:128M
  • File upload limit:Upload files up to 40 MB
  • Config (Writeable):Config is writeable
No Critical Issues.
nkx
Newbie
 
Posts: 5
Joined: Sat Mar 03, 2012 12:54 am

Re: LDAP user backend + Active Directory

Postby sb9t » Sun Mar 04, 2012 3:23 am

Just subscribing to this thread. I'm trying to figure out the exact same thing.
Environment: HomeServer
Server: Windows Server 2008 R2 x64
Database: Sqlite
Client: Firefox/Chrome/InternetExplorer
Versions of OwnCloud and PHP: 4.5.1 and 5.x
sb9t
Beginner
 
Posts: 35
Joined: Tue Feb 14, 2012 4:28 am

Re: LDAP user backend + Active Directory

Postby lgwapnitsky » Tue Mar 06, 2012 10:02 pm

try using the full LDAP address for the connecting username.

Ex: cn=adminuser,ou=admingroup,dc=domain,dc=com
lgwapnitsky
Newbie
 
Posts: 4
Joined: Tue Mar 06, 2012 10:00 pm

Re: LDAP user backend + Active Directory

Postby nkx » Fri Mar 09, 2012 10:14 pm

I tried all possible variants of LDAP containers and usernames including you have suggested, but it's still doesn't show me the user/group list. It feels like the plugin itself doesn't want to work. I don't see any related log info that the plugin attempt to connect. The question is does the server required additional LDAP configuration? Where can I find authentication logs?
nkx
Newbie
 
Posts: 5
Joined: Sat Mar 03, 2012 12:54 am

Re: LDAP user backend + Active Directory

Postby nkx » Fri Mar 09, 2012 10:37 pm

The problem SOLVED!
I found a really useful Microsoft tool that does a ldap search through the AD server. This tool comes with MS 2003 server, run -> ldp)Basically it does the same thing as the plugin which is connecting to the server, binding a user and searching. It helped me to find the right credentials path. However, it was the same as the one I tried to use bofore, except that the some names contain capital letters, even though I checked case insensitive option. For Example:

(CN=Admin-User,OU=admingroup,DC=domain,DC=com)
nkx
Newbie
 
Posts: 5
Joined: Sat Mar 03, 2012 12:54 am

Re: LDAP user backend + Active Directory

Postby pheobe green » Sat Mar 10, 2012 9:48 am

nkx wrote:I tried all possible variants of LDAP containers and usernames including you have suggested, but it's still doesn't show me the user/group list. It feels like the plugin itself doesn't want to work. I don't see any related log info that the plugin attempt to connect. The question is does the server required additional LDAP configuration? Where can I find authentication logs?

can you explain it?
pheobe green
Newbie
 
Posts: 3
Joined: Sat Mar 10, 2012 9:42 am

Re: LDAP user backend + Active Directory

Postby lgwapnitsky » Mon Mar 12, 2012 1:47 pm

Doesn't look any different than what I suggested. What changed?
lgwapnitsky
Newbie
 
Posts: 4
Joined: Tue Mar 06, 2012 10:00 pm

Re: LDAP user backend + Active Directory

Postby nkx » Mon Mar 12, 2012 6:54 pm

the letters are capitalized. It my case the admin account contains capital letters and the words 'CN', 'OU', 'DC'.
nkx
Newbie
 
Posts: 5
Joined: Sat Mar 03, 2012 12:54 am

Re: LDAP user backend + Active Directory

Postby sb9t » Tue Mar 13, 2012 5:25 pm

How do you log in after setting up ldap? Can I use domain\username or does it have to be cn=adminuser,ou=admingroup,dc=domain,dc=com.

It's just not working for me so I wanted to make sure i'm using it right.
Environment: HomeServer
Server: Windows Server 2008 R2 x64
Database: Sqlite
Client: Firefox/Chrome/InternetExplorer
Versions of OwnCloud and PHP: 4.5.1 and 5.x
sb9t
Beginner
 
Posts: 35
Joined: Tue Feb 14, 2012 4:28 am

Re: LDAP user backend + Active Directory

Postby sb9t » Sat Mar 24, 2012 4:31 am

Can someone who has this working give me a little insight as to how to use it? I've tried this many different ways but I can't log in after configuring LDAP. I have other services using ldap and they work fine so i don't think its a server side issue.

For "base" am I specifying a OU or security group that can access owncloud? or am I to enter a user to query LDAP and the entire domain can use owncloud?

I just don't get it. I've tried every combination but it just doesn't seem to work.
Environment: HomeServer
Server: Windows Server 2008 R2 x64
Database: Sqlite
Client: Firefox/Chrome/InternetExplorer
Versions of OwnCloud and PHP: 4.5.1 and 5.x
sb9t
Beginner
 
Posts: 35
Joined: Tue Feb 14, 2012 4:28 am


Return to ownCloud Community Edition 4.x and older

Who is online

Users browsing this forum: No registered users and 12 guests