since yesterday afternoon no login for users and the admin via web and/or webdav are possible.
In log “/var/lib/univention-appcenter/apps/nextcloud/data/nextcloud-data/nextcloud.log” only found
{“reqId”:“S9o8jzD7F6kbzgyBhLlD”,“level”:2,“time”:“2019-11-06T11:28:09+00:00”,“remoteAddr”:“192.168.x.xxx”,“user”:“–”,“app”:“core”,“method”:“POST”,“url”:“/nextcloud/login?user=Administrator”,“message”:“Login failed: ‘Administrator’ (Remote IP: ‘192.168.x.xxx’)”,“userAgent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:70.0) Gecko/20100101 Firefox/70.0”,“version”:“16.0.5.1”}
Nothing in syslog. Reboot of the server doesn´t help.
I changed nothing …
Because I have not received a reply so far, I have deleted and reinstalled the existing installation.
Although I can now login with the user “nc-admin”, but a connection to the DC is not possible.
During the installation, the “Administrator” from the DC will not be added to the Nextcloud group “admin”:
cat /var/log/univention/join.log
…
<?xml version="1.0"?>
ok
200
OK
modifying uid=nfsuser,cn=Managed ..
E: object not found
modifying Service ..
LDAP Error: Invalid DN syntax: invalid DN: Service
modifying Accounts,dc=family,dc=e-schuett,dc=de ..
LDAP Error: Invalid DN syntax: invalid DN: Accounts,dc=family,dc=e-schuett,dc=de
Could not add Administrator to admin group, because user was not found:
....
I hang at the moment in the Nextcloud “Settings / LDAP / AD Integration” of the “nc_admin”, because no users found in the LDAP (but they are there incl. marked Nextcloud option).
I seems to me that the LDAP object is not properly created for the groups and users:
In “/var/lib/univention-appcenter/apps/nextcloud/data/integration” should be a “admin.secret”. Can you login with nc-admin and admin.secret password in nextcloud webgui?
the UCS variables for are wrong:
“nextcloud/ldap/baseUsers” + nextcloud/ldap/baseGroups" contained only the domain - in my case “my.domain.de” (three parts !)
No its standard variable. you can activate it in the user settings. please check this option in user settings. maybe its not available. if not, you have a join problem.
A Solution, if no other servers or apps are installed in this memberserver, is to reinstall the memberserver completely.
the ldapsearch found “nextcloudEnabled = 1” for all users.
If this term was used as a search criterion, then no entries was found.
This indicates a problem of the index, because when I correct manually each users entry for Nextcloud (1st delete+save, 2nd mark again+save), then these users were found in the same ldapsearch (and in nextcloud itselfs).
But logging in via “SSO & SAML” still does not work!
Here comes always “Access denied” even if I am previously logged in as “Administrator”.
Any idea ?