Personal folders doesn't work after LDAP integration.

[lurendrejer]

Hi.
Version 2.0: After setting up ldap (using sAMAccountName as identifiers) the web-app just shows a rotating status indicator, when going to 'personal'.

Spaces, etc. works as expected.

Where do i go to troubleshoot? The ocis container doesn't really give me anything usable, even with ocis-logging set to 'debug'.
If i upgrade to 'latest/3.0alpha' users are unable to login, with ocis giving and error that the backend returned multiple objects.

LDAP is active directory and i'm having a hard time finding any real examples to go from.

[rhafer]

oCIS with LDAP is currently know to be broken (#5815) we're working on a fix. (But as you said you're using sAMAccountName as the id you might not be affected by that issue.

To be sure we'd need to know some more details about your configuration. Could you paste the envvars that you've set for your ocis instance (with passwords removed)

If you could attach the debug logs (preferably from latest/3.0 ) that might help as well.

[lurendrejer]

Hi and thank you.
All in all ocis seems a bit jittery.
My onlyoffice integration seems to randomly download files, instead of opening them in the editor also - but thats an issue for another day.

copy/paste below:

  LDAP_URI: ${LDAP_URI}
  LDAP_INSECURE: ${LDAP_INSECURE}
  LDAP_BIND_DN: ${LDAP_BIND_DN}
  LDAP_BIND_PASSWORD: ${LDAP_BIND_PASSWORD}
  LDAP_GROUP_BASE_DN: ${LDAP_GROUP_BASE_DN}
  LDAP_GROUP_FILTER:
  LDAP_GROUP_OBJECTCLASS: group
  LDAP_GROUP_SCHEMA_ID: cn
  LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: false
  LDAP_USER_BASE_DN: ${LDAP_USER_BASE_DN}
  LDAP_USER_FILTER:
  LDAP_USER_OBJECTCLASS: user
  LDAP_USER_SCHEMA_ID: sAMAccountName
  LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: false
  LDAP_USER_SCHEMA_USERNAME: sAMAccountName
  LDAP_LOGIN_ATTRIBUTES: sAMAccountName
  OCIS_ADMIN_USER_ID: "owncloudadmin"
  IDP_LDAP_LOGIN_ATTRIBUTE: sAMAccountName
  IDP_LDAP_UUID_ATTRIBUTE: sAMAccountName
  # IDP_LDAP_UUID_ATTRIBUTE_TYPE: binary
  IDP_LDAP_UUID_ATTRIBUTE_TYPE: text
  GRAPH_LDAP_SERVER_WRITE_ENABLED: "false"
  # OCIS_Run_servics
  OCIS_RUN_SERVICES: app-registry,app-provider,audit,auth-basic,auth-machine,frontend,gateway,graph,groups,idp,nats,notifications,ocdav,ocs,proxy,search,settings,sharing,storage-system,storage-publiclink,storage-shares,storage-users,store,thumbnails,users,web,webdav

The variables have working DN's and the bind dn variable is [email protected].
URI is ldap://domain.lan:389

[rhafer]

@lurendrejer Can share the logs with OCIS_LOG_LEVEL=debug of a failed login attempt when using the latest 3.0 alpha release?

[lurendrejer]

Hi
Afaik 3.0 changes the datastructure and can’t be downgraded - so I’m a little hesitant to go that route.

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 10 days if no further activity occurs. Thank you for your contributions.