Nextcloud internal server error first login

nextcloud
ad-member

#1

Hi,

I just did a fresh install of UCS, joined it to my windows active directory domain and installed all available updates (4.3-2 errata331). so far everything seemed to work (login with domain credentials to ucs management, list users and groups etc.)

Then I installed nextcloud from the app center

Unfortunately the installer for docker apps seems to ignore proxy settings, but after opening the firewall for the ucs system, the installation went through.

But when I try to logon with my admin account to nextcloud web UI I’m getting an internal server error. “The server was not able to complete you request” (probably an unprecise translation from German to English)

It also says that I should look into the server log. Unfortunately this is my “first contact” with docker and I have no idea where to find it ^^

Any ideas?

Kind regards
Michael


#2

Hi @michael-hennemann,

only on the first login? If yes, then this could be related to https://github.com/nextcloud/server/issues/11474


#3

Hi,

nope, thats not it.
Even after a refresh of the site I am still getting the error.

So I am not able to log in at all.

kind regards
Michael


#4

Can you provide the log file? → /var/lib/univention-appcenter/apps/nextcloud/data/nextcloud-data/nextcloud.log


#5

Hi,

thanks for you reply! :slight_smile:

Here is the logfile

kind regards
Michaelnextcloud.log (65,5 KB)


#6

Did an update to 4.3-2 errata344 today - no difference :expressionless:


#7

Hi,
I just tossed away the UCS VM and startet with a clean fresh new one

  • Installation of UCS
  • Join of Windows Domain
  • Update to latest update (4.3-2 errata376)
  • Installation of NextCloud

-> Same error ! :weary::weary:

Am I the only one with this problem?

kind regards
Michael


Usermanagement owncloud: Internal Servererror
#8

OK, I finally figured it out ! :smiley:

(with the help of another guy in the forum and some googeling)

  1. First issue: DNS
    My UCS server creates a DNS record in my windows DNS during the initial setup and the domain join (actually there are two DNS records but I don’t know what the other one is for.)
    Unfortunately it did not update the record after I changed the IP address from a DHCP to a static one.
    Nextcloud uses the fqdn to connect to the local ldap server of the UCS and therefore fails to login any users. After correcting the dns record manually I was able to log in

  2. Second issue: Administrator
    I finally was able to log in to Nextcloud but only with a regular user and NOT with my builtin Administrator account. Nextcloud UI always said “wrong password”
    I was able to fix that by giving the administrator account a firstname, a lastname and a display name in my windows active directory. I’ve seen this behavior with a different linux appliance that used ldap to connect to a windows AD.

  3. Third issue: Administrative rights
    Despite of what univention claims in the app catalogue, my windows domain administrator is not a pre configured nextcloud admin by default. So I was able to login with my administrator account but in nextcloud it was just a regular user with standard user rights. To fix this I logged in via SSH and looked in the admin secret file

cat /var/lib/univention-appcenter/apps/nextcloud/conf/admin.secret

This seems to contain the password for the builtin nextcloud admin (“nc_admin”) account in plain text.
With that I was able to login to nextcloud with admin rights and give my windows domain administrator also admin privileges

If you ask me, these issues will be reproducible in any UCS setup with a windows domain and nextcloud

They should be considered as BUGS :roll_eyes:
And it should be in the interest of univention to fix them.


#9

hi,

thanks for reporting and posting the solution here, too. Great work!

It is indeed in the interest of Univention. Just to add:
First: If a user changes IP and does not take alls DNS records into account you can not call this a bug. Or at least not a bug which can be fixed by Univention…
Second: Sounds strange, indeed. If this can be reproduce I would suggest to tell Nextcloud about this issue.
Third: Same as on the second.

I assume you had the second and the third error because of the first. I could imagine (although I do not know it) all will get set up properly if the user’s configuration and installation procedure went well. So the scripts could create and sync all users as needed.

A misconfigured DNS is verly likely to cause all sort of trouble…

Despite of this there is always the possibility to create a bug.

/CV


#10

Hi Christian,
Thanks for your reply! :smiley:

I think a member server (or PC) in a windows domain should update his DNS record automatically. At least windows hosts do that. I guess for a server this is not that important (as the IPs don’t change that much) but a client pc should update its dns record after a change of ip address.
The UCS system was able to create the dns records at domain join so it should be able to change them after a change of IP address. :smile:

You might be right, maybe the second and the third issues are results of the first one…

Regards
Michael