Group-Member association: member (AD) (idem: this makes no difference but this is supposedly the correct setting)Ĭlick Save, then click the Login Filter tab. Under Directory Settings enter these values:īase User Tree: CN=Users,DC=testnet,DC=netwerkīase Group Tree: DC=testnet,DC=netwerk (I’m not sure this makes any difference, I’ve never seen ownCloud pull non-system groups from LDAP) You don’t want to wait ten minutes after every change to test if it is working. If you are done configuring change this back to 600 or so. Set ‘Cache Time-To-Live’ to 5 seconds for now. Under Connection Settings check these options: Configuration Active Case insensitive LDAP server (Windows) Turn off SSL certificate validation. This way ownCloud’s internal usernames are identical to your AD usernames instead of the objectSid which is a long range of numbers.Ĭlick the Save button on the bottom of the form after you change this.Ĭlick the Advanced tab. This would give you all users in the AD, including system accounts that will never need ownCloud accounts.Ĭlick the Expert tab and in the Internal Username Attribute field enter sAMAccountName. is the default (with your own AD of course) but you could just enter DC=testnet,DC=netwerk. Press F5 to reload the page and behold! You can now enter a Base DN. ![]() The ‘Could not determine Base DN’ error is caused by a bug in ownCloud don’t worry about it.Īll values are instantly saved. Remember you can find the DN of the client user in Active Directory Users and Computers. Start out with the Server tab and fill out your own values. This is the section that has the Server, User Filter, etc. Ignore the https security warning for now. ![]() In the apps list scroll down to ‘LDAP user and group backend’, click it and click Enable. Normally this is where you would create ownCloud users. Note that there is only the one ocadmin user we created earlier. Point your browser to and log in as ocadmin. Especially handy is the Attribute Editor which tells you not only which attributes there are but also their exact values which can be very helpful when troubleshooting the connection between ownCloud and Active Directory. Doubleclick a user and check out the new tabs. Now Active Directory Users and Computers shows you a lot more information. Windows Server 2012 provides a couple of tools do some Googling.Īlso it can be insightful to go into Active Directory Users and Computers, select your domain, click View and check ‘Advanced features’. If your AD works you don’t have to deal with it but as soon as things start to disintegrate you will have to get your shovel and dig in the LDAP database. This doesn’t really matter but keep it in mind when specifying the user’s DN in ownCloud. Give it a hard password and set it and the account to never expire. It doesn’t have to be a member of any special groups. In Active Directory Users and Computers create a new user called owncloudaduser.
0 Comments
Leave a Reply. |