+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 16
Wired Networks Thread, Anyone successfully linked ownCloud 4.0.2 to Active Directory in Technical; I have it installed on Ubuntu Server 12.04, and following lots a guides such as these , but whatever I ...
  1. #1

    Join Date
    Sep 2011
    Posts
    162
    Thank Post
    5
    Thanked 1 Time in 1 Post
    Rep Power
    0

    Anyone successfully linked ownCloud 4.0.2 to Active Directory

    I have it installed on Ubuntu Server 12.04, and following lots a guides such as these, but whatever I try, I can't login to ownCloud as an AD user. When I do, I just get a blank page in Firefox, or a Server 500 error page in Chrome.

    If anyone manages to, can you show me what settings you used please for the ownCloud LDAP config page?

  2. #2

    Join Date
    Sep 2011
    Posts
    162
    Thank Post
    5
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Well I fixed the error 500 page by installing php5-ldap (duh!) on the server. Now when I try to login as an AD user into ownCloud, it just returns to the login page again and again.

  3. #3

    Join Date
    Jun 2012
    Posts
    1
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    I am having the same issue, Ubuntu 12.04, just updated to owncloud 4.0.3a with the same issue. I am pointing at a RODC and seem to connect ok - but nothing is showing in users, nor am I am am to log in using AD credentials.

    I did have it working with a previous version and that seemed to import all the users into the user tab.

    Any help on this would be gratefully received.

  4. #4

    Join Date
    Jan 2010
    Location
    Pittsburgh
    Posts
    13
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    10
    I did have the same problem. The solution was to change my base from OU=SomeOU,dc=Domain,dc=Local to ou=someou,dc=bwsd,dc=local I just had to lowercase everything in Base, Base User, & Base Group. Hope this helps

  5. #5

    Join Date
    Sep 2011
    Posts
    162
    Thank Post
    5
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Thanks, just tried but no joy. I just can't get it to work. Our LDAP is MS Active Directory. Other servers linking to it work fine, just not ownCloud. I now have ownCloud 4.0.4.

    If you use it with AD successfully and still have it would you mind screenshoting the LDAP settings pages for me please? I've tried countless combinations and it just won't link.

  6. #6

    Join Date
    Jan 2010
    Location
    Pittsburgh
    Posts
    13
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    10
    Below is my settings, i used this forum post to help generate my settings. OwnCloud Forums • View topic - LDAP Server 2008 R2 I hope this help you out some. Also enable debugging to see what is causing the problem. I recommend using tail to view the logfile directly instead of using the web interface.

    host: xx.xx.xx.xx
    Base: ou=department,ou=users,ou=building,dc=domain,dc=lo cal
    name: someuser@domain.local
    password: xxxxxxxxx
    user login filter: (&(sAMAccountName=%uid)(objectClass=person)(memberOf =CN=ownCloudAccess,CN=Users,DC=domain,DC=local)(!( userAccountControl:1.2.840.113556.1.4.804:=2)))
    user list filter: (&(objectclass=person)(memberOf=CN=ownCloudAccess,CN =Users,DC=domain,DC=local)(!(userAccountControl:1. 2.840.113556.1.4.804:=2)))
    port: 3268
    base user tree: ou=department,ou=users,ou=building,dc=domain,dc=lo cal
    base group tree: cn=users,dc=domain,dc=local
    Group-Member association: uniqueMemeber
    use TLS: unchecked
    case insensitive: unchecked
    Display Name Field: sAMAccountName
    Email Attribute: mail

  7. #7

    Join Date
    Sep 2011
    Posts
    162
    Thank Post
    5
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Quote Originally Posted by asanders View Post
    Below is my settings, i used this forum post to help generate my settings. OwnCloud Forums • View topic - LDAP Server 2008 R2 I hope this help you out some. Also enable debugging to see what is causing the problem. I recommend using tail to view the logfile directly instead of using the web interface.

    host: xx.xx.xx.xx
    Base: ou=department,ou=users,ou=building,dc=domain,dc=lo cal
    name: someuser@domain.local
    password: xxxxxxxxx
    user login filter: (&(sAMAccountName=%uid)(objectClass=person)(memberOf =CN=ownCloudAccess,CN=Users,DC=domain,DC=local)(!( userAccountControl:1.2.840.113556.1.4.804:=2)))
    user list filter: (&(objectclass=person)(memberOf=CN=ownCloudAccess,CN =Users,DC=domain,DC=local)(!(userAccountControl:1. 2.840.113556.1.4.804:=2)))
    port: 3268
    base user tree: ou=department,ou=users,ou=building,dc=domain,dc=lo cal
    base group tree: cn=users,dc=domain,dc=local
    Group-Member association: uniqueMemeber
    use TLS: unchecked
    case insensitive: unchecked
    Display Name Field: sAMAccountName
    Email Attribute: mail
    You're a star! After so much frustration your settings have worked for me. The main changes being your style of hostname (IP address), base group tree being exactly like you mentioned only with domain name changed.

    Thanks so much!

  8. #8

    Join Date
    Jan 2010
    Location
    Pittsburgh
    Posts
    13
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    10
    Awesome!! Glad I could help.

  9. #9

    Join Date
    Sep 2011
    Posts
    162
    Thank Post
    5
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Would you know if there's a way I can use multiple security groups in the User List Filter box?
    I see you are using: (&(objectclass=person)(memberOf=CN=ownCloudAccess,CN =Users,DC=domain,DC=local)(!(userAccountControl: 1.2.840.113556.1.4.804:=2)))

    You're using a group called owncloudaccess. But I want to include a second group too.

  10. #10

    Join Date
    Jan 2010
    Location
    Pittsburgh
    Posts
    13
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    10
    Are you looking for user that is in this group AND this group?
    If so this should work (&(objectclass=person)(memberOf=CN=ownCloudAccess, CN=Users,DC=domain,DC=local)(memberOf=CN=othergrou p, CN=Users,DC=domain,DC=local)(!(userAccountControl: 1.2.840.113556.1.4.804:=2)))

    If you are looking for an OR try this
    (|(&(objectclass=person)(memberOf=CN=ownCloudAccess,CN =Users,DC=domain,DC=local)(!(userAccountControl:1. 2.840.113556.1.4.804:=2)))(&(objectclass=person)(memberOf=CN=othergroup,CN=Use rs,DC=domain,DC=local)(!(userAccountControl:1.2.84 0.113556.1.4.804:=2))))

  11. #11


    Join Date
    Sep 2008
    Posts
    1,766
    Thank Post
    323
    Thanked 258 Times in 211 Posts
    Rep Power
    120
    This isn't related to version 4, but I'm having the same problems specifying which groups to show under the users list with Owncloud 5. If I use the User List Filter as "objectclass=user" I can see all the users in the OU I want, but if I try setting Owncloud Access as described above "(&(objectclass=person)(memberOf=CN=ownCloudAccess,OU =Groups,DC=domain,DC=ntwk)" I don't get any matches. At this moment I only have 1 account that is in the OwncloudAccess group but I want to test by giving access to select members of staff rather than all.

    I have made this settings under the Basic tab but this is what generates the all or nothing matches. Any ideas where I am going wrong?
    Last edited by penfold; 15th April 2013 at 11:23 AM.

  12. #12

    Join Date
    Jan 2010
    Location
    Pittsburgh
    Posts
    13
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    10
    Here is a helpful tip to trouble shoot this issue. Goto Active Directory Users and Computers. Then right click on the domain and click find. In the "Find:" drop down select "Custom Search". Then click on the "Advanced" tab. This will allow you to trouble shoot your ldap query. So try this query and see what it generates for you.
    (&(objectclass=person)(memberOf=CN=ownCloudAccess, OU=Groups,DC=domain,DC=ntwk)(!(userAccountControl: 1.2.840.113556.1.4.804:=2)))

    If this query returns the expected result than the next step is to look at why ownCloud isn't returning the same results. Make sure the following settings are correct.

    user login filter: (&(sAMAccountName=%uid)(objectClass=person)(member Of=CN=ownCloudAccess,OU=Groups,DC=domain,DC=ntwk)( !(userAccountControl:1.2.840.113556.1.4.804:=2)))
    user list filter: (&(objectclass=person)(memberOf=CN=ownCloudAccess, CN=Groups,DC=domain,DC=ntwk)(!(userAccountControl: 1.2.840.113556.1.4.804:=2)))

    I suggest leaving in the userAccountControl this way disabled users can't get in. Is ownCloudAccess security group is in the OU Groups? Also becareful copying and pasting spaces can get inserted and this can mess with the results.

    Hope this helps

  13. Thanks to asanders from:

    penfold (15th April 2013)

  14. #13


    Join Date
    Sep 2008
    Posts
    1,766
    Thank Post
    323
    Thanked 258 Times in 211 Posts
    Rep Power
    120
    OK, it looks like the query is incorrect as it doesn't find any results(which is what Owncloud does). But this happens regardless of the member of group I use. Looks like I need to pay more attention to the ldap query until that works before importing it into Owncloud

  15. #14

    Join Date
    Jan 2010
    Location
    Pittsburgh
    Posts
    13
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    10
    Hmm... Lets double check a few things. If you open the group up in AD and click on members does it list any users in there? Is the user account enabled? Next lets check to make sure we have the correct path for the group in the query. In AD users and comptuer you need to enable advanced feature under View click advanced features. Open up the security group and click on Attribute Editor. Scroll down to distingushedName and double click to open then select all and copy. Now lets modify the query. The bold area is the only area where you should have to modify by pasting. Then copy the query and paste it into the custom search. Please note there shouldn't be any spaces in this query.

    Before: (&(objectclass=person)(memberOf=CN=ownCloudAccess,CN =Users,DC=domain,DC=local)(!(userAccountControl:1. 2.840.113556.1.4.804:=2)))
    After: (&(objectclass=person)(memberOf=CN=ownCloudAccess,OU=Groups,DC=domain,DC=ntwrk)(!(userAccountControl:1.2.840.113556.1.4.804:=2)) )

  16. Thanks to asanders from:

    penfold (16th April 2013)

  17. #15


    Join Date
    Sep 2008
    Posts
    1,766
    Thank Post
    323
    Thanked 258 Times in 211 Posts
    Rep Power
    120
    I can get the filter to find the restults I want except when I add the extra (!(userAccountControl: 1.2.840.113556.1.4.804:=2))) which is enough for me to start to roll out testing

    Thanks.

    Edit: OK just tried copying the last bit in again and now it works. Must have been a type so I assume that I had an extra space in there somewhere.

    thanks again
    Last edited by penfold; 16th April 2013 at 09:15 AM.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. [SCCM 2007] SCCM - Linking collections to Active Directory OU's
    By mjgreen in forum O/S Deployment
    Replies: 11
    Last Post: 28th November 2011, 08:48 AM
  2. Replies: 6
    Last Post: 14th November 2008, 03:44 PM
  3. Binding a Mac to Active Directory
    By simongrahamuk in forum Mac
    Replies: 3
    Last Post: 6th November 2008, 01:19 PM
  4. Replies: 7
    Last Post: 31st January 2008, 12:17 PM
  5. Importing data to Active Directory
    By fooby in forum Wireless Networks
    Replies: 3
    Last Post: 16th February 2006, 05:08 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •