Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LDAP Authentification not usable Interface #28704

Closed
xundeenergie opened this issue Sep 3, 2021 · 2 comments
Closed

LDAP Authentification not usable Interface #28704

xundeenergie opened this issue Sep 3, 2021 · 2 comments
Labels
0. Needs triage Pending check for reproducibility or if it fits our roadmap bug

Comments

@xundeenergie
Copy link

How to use GitHub

  • Please use the 👍 reaction to show that you are affected by the same issue.
  • Please don't comment if you have no relevant information to add. It's just extra noise for everyone subscribed to this issue.
  • Subscribe to receive notifications on status change and new comments.

Steps to reproduce

  1. Install Nextcloud 22.1.1 and take nginx-config from here https://docs.nextcloud.com/server/22/admin_manual/installation/nginx.html
  2. Go to LDAP/AD-Integration
  3. Form is not functionable

Expected behaviour

LDAP-Konfiguration should be doable via web-form.

Actual behaviour

I upgraded to nextcloud 22.1.1 and migrated from docker to native install.
then i tried to configure my ldap-authentification plugin and ended up in this:
Bildschirmfoto von 2021-09-03 14-45-41

The form is not working. The values are not loaded, the Buttons do not work.

Then i found https://logs.nix.samueldr.com/nixos-de/2020-10-23 and tried the config-line in nginx for nc 19... and the form show me the "Port ermittlen" Button, but it doesn't work either.

With occ i can configure my LDAP-Connection, and it works. Only the web-configuration is broken.

Server configuration

Operating system:
Debian Buster

Web server:
nginx

Database:
mariadb 10.3

PHP version:
7.3

Nextcloud version: (see Nextcloud admin page)
22.1.1

Updated from an older Nextcloud/ownCloud or fresh install:
Migrated in case of totally broken DB from docker to fresh installation native bare metal. Fresh install, but old userdata on Filesystem

Where did you install Nextcloud from:

Signing status:

Signing status 
No errors have been found.

List of activated apps:

App list 
Enabled:                                                                                                                                                                                                           
  - accessibility: 1.7.0                                                                                                                                                                                           
  - activity: 2.15.0                                                                                                                                                                                               
  - appointments: 1.10.1                                                                                                                                                                                           
  - bruteforcesettings: 2.2.0                                                                                                                                                                                      
  - calendar: 2.3.3                                                                                                                                                                                                
  - carnet: 0.24.2                                                                                                                                                                                                 
  - circles: 22.1.1                                                                                                                                                                                                
  - cloud_federation_api: 1.4.0
  - comments: 1.11.0
  - contacts: 4.0.2
  - contactsinteraction: 1.2.0
  - dashboard: 7.1.0
  - dav: 1.18.0
  - deck: 1.5.0
  - federatedfilesharing: 1.11.0
  - federation: 1.11.0
  - files: 1.16.0
  - files_external: 1.12.1
  - files_pdfviewer: 2.3.0
  - files_rightclick: 1.1.0
  - files_sharing: 1.13.2
  - files_trashbin: 1.11.0
  - files_versions: 1.14.0
  - files_videoplayer: 1.11.0
  - firstrunwizard: 2.11.0
  - groupfolders: 10.0.0
  - logreader: 2.7.0
  - lookup_server_connector: 1.9.0
  - mail: 1.10.3
  - nextcloud_announcements: 1.11.0
  - notifications: 2.10.1
  - oauth2: 1.9.0
  - password_policy: 1.12.0
  - photos: 1.4.0
  - privacy: 1.6.0
  - provisioning_api: 1.11.0
  - recommendations: 1.1.0
  - richdocuments: 4.2.2
  - richdocumentscode: 6.4.1004
  - serverinfo: 1.12.0
  - settings: 1.3.0
  - sharebymail: 1.11.0
  - spreed: 12.1.1
  - support: 1.5.0
  - survey_client: 1.10.0
  - systemtags: 1.11.0
  - text: 3.3.0
  - theming: 1.12.0
  - twofactor_backupcodes: 1.10.1
  - updatenotification: 1.11.0
  - user_ldap: 1.11.0
  - user_status: 1.1.1
  - viewer: 1.6.0
  - weather_status: 1.1.0
  - workflowengine: 2.3.1
Disabled:
  - admin_audit
  - encryption

Nextcloud configuration:

Config report 
{                                                                                                                                                                                                          [5/9978]
    "system": {                                                                                                                                                                                                    
        "memcache.local": "\\OC\\Memcache\\APCu",                                                                                                                                                                  
        "apps_paths": [                                                                                                                                                                                            
            {                                                                                                                                                                                                      
                "path": "\/var\/www\/nextcloud.dings.dangs\/apps",                                                                                                                                                  
                "url": "\/apps",
                "writable": false
            },
            {
                "path": "\/var\/www\/nextcloud.dings.dangs\/custom_apps",
                "url": "\/custom_apps",
                "writable": true
            }
        ],
        "memcache.distributed": "\\OC\\Memcache\\Redis",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "password": "***REMOVED SENSITIVE VALUE***",
            "port": 6379
        },
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_proxies": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "nextcloud.dings.dangs",
            "138.201.246.50"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "22.1.1.2",
        "overwrite.cli.url": "http:\/\/nextcloud.dings.dangs",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "3306",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "overwriteprotocol": "https",
        "maintenance": false,
        "mail_smtpmode": "smtp",
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_sendmailmode": "smtp",
        "mail_smtpport": "25",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "default_phone_region": "de_AT",
        "loglevel": 2,
        "ldapProviderFactory": "OCA\\User_LDAP\\LDAPProviderFactory",
        "theme": "",
"has_rebuilt_cache": true
    }
}

Are you using external storage, if yes which one: local/smb/sftp/...

Are you using encryption: no

Are you using an external user-backend, if yes which one: LDAP

LDAP configuration (delete this part if not used)

LDAP config 
+-------------------------------+-----------------------------------------------------------------------------------------------------------------+                                                                
| Configuration                 | s01                                                                                                             |                                                                
+-------------------------------+-----------------------------------------------------------------------------------------------------------------+                                                                
| hasMemberOfFilterSupport      | 0                                                                                                               |                                                                
| homeFolderNamingRule          |                                                                                                                 |                                                                
| lastJpegPhotoLookup           | 0                                                                                                               |                                                                
| ldapAgentName                 | cn=service_id,ou=cloud,ou=apps,ou=services,dc=dings,dc=dangs                                                     |                                                                
| ldapAgentPassword             | ***                                                                                                             |                                                                
| ldapAttributesForGroupSearch  | objectClass=posixGroup                                                                                          |                                                                
| ldapAttributesForUserSearch   |                                                                                                                 |                                                                
| ldapBackupHost                |                                                                                                                 |                                                                
| ldapBackupPort                |                                                                                                                 |                                                                
| ldapBase                      | dc=dings,dc=dangs                                                                                                |                                                               
| ldapBaseGroups                | ou=groups,dc=dings,dc=dangs                                                                                      |                                                               
| ldapBaseUsers                 | ou=users,dc=dings,dc=dangs                                                                                       |                                                               
| ldapCacheTTL                  | 600                                                                                                             |                                                               
| ldapConfigurationActive       | 1                                                                                                               |                                                               
| ldapDefaultPPolicyDN          |                                                                                                                 |                                                               
| ldapDynamicGroupMemberURL     |                                                                                                                 |                                                               
| ldapEmailAttribute            | mail                                                                                                            |                                                               
| ldapExperiencedAdmin          | 0                                                                                                               |                                                               
| ldapExpertUUIDGroupAttr       |                                                                                                                 |                                                               
| ldapExpertUUIDUserAttr        |                                                                                                                 |                                                               
| ldapExpertUsernameAttr        | uid                                                                                                             |                                                               
| ldapExtStorageHomeAttribute   |                                                                                                                 |                                                               
| ldapGidNumber                 | gidNumber                                                                                                       |                                                               
| ldapGroupDisplayName          | cn                                                                                                              |                                                               
| ldapGroupFilter               |                                                                                                                 |                                                               
| ldapGroupFilterGroups         |                                                                                                                 |                                                               
| ldapGroupFilterMode           | 1                                                                                                               |                                                               
| ldapGroupFilterObjectclass    |                                                                                                                 |                                                               
| ldapGroupMemberAssocAttr      | gidNumber                                                                                                       |                                                               
| ldapHost                      | ldap.dings.dangs                                                                                                 |                                                               
| ldapIgnoreNamingRules         |                                                                                                                 |                                                               
| ldapLoginFilter               | (|                                                                                                              |                                                               
|                               | (&(memberof=cn=perm-app-nextcloud_users,ou=cloud,ou=apps,ou=services,dc=dings,dc=dangs)(|(uid=%uid)(name=%uid))) |                                                               
|                               | (&(memberof=cn=perm-app-nexcloud_admins,ou=cloud,ou=apps,ou=services,dc=dings,dc=dangs)(|(uid=%uid)(name=%uid))) |                                                               
|                               | )                                                                                                               |                                                               
| ldapLoginFilterAttributes     |                                                                                                                 |                                                               
| ldapLoginFilterEmail          | 0                                                                                                               |                                                               
| ldapLoginFilterMode           | 1                                                                                                               |
| ldapLoginFilterUsername       | 1                                                                                                               |
| ldapMatchingRuleInChainState  | unknown                                                                                                         |
| ldapNestedGroups              | 0                                                                                                               |
| ldapOverrideMainServer        |                                                                                                                 |
| ldapPagingSize                | 500                                                                                                             |
| ldapPort                      | 389                                                                                                             |
| ldapQuotaAttribute            |                                                                                                                 |
| ldapQuotaDefault              |                                                                                                                 |
| ldapTLS                       | 1                                                                                                               |
| ldapUserAvatarRule            | default                                                                                                         |                                                               
| ldapUserDisplayName           | cn                                                                                                              |                                                               
| ldapUserDisplayName2          | sn                                                                                                              |                                                               
| ldapUserFilter                | (objectclass=posixAccount)                                                                                      |                                                               
| ldapUserFilterGroups          |                                                                                                                 |                                                               
| ldapUserFilterMode            | 1                                                                                                               |                                                               
| ldapUserFilterObjectclass     |                                                                                                                 |                                                               
| ldapUuidGroupAttribute        | auto                                                                                                            |                                                               
| ldapUuidUserAttribute         | auto                                                                                                            |                                                               
| turnOffCertCheck              | 0                                                                                                               |                                                               
| turnOnPasswordChange          | 0                                                                                                               |                                                               
| useMemberOfToDetectMembership | 1                                                                                                               |                                                               
+-------------------------------+-----------------------------------------------------------------------------------------------------------------+

Client configuration

Browser:
Firefox 90.0.2

Operating system:
Fedora 33

Logs

Web server error log

Web server error log 
2021/09/03 15:08:43 [error] 125217#125217: *45751 FastCGI sent in stderr: "PHP message: PHP Fatal error:  Uncaught Error: Class 'OC_JSON' not found in /var/www/nextcloud.dings.dangs/apps/user_ldap/ajax/getConfigu
ration.php:28                                                                                                                                                                                                     
Stack trace:                                                                                                                                                                                                      
#0 {main}                                                                                                                                                                                                         
  thrown in /var/www/nextcloud.dings.dangs/apps/user_ldap/ajax/getConfiguration.php on line 28" while reading response header from upstream, client: 10.0.100.10, server: nextcloud.dings.dangs, request: "POST /apps
/user_ldap/ajax/getConfiguration.php HTTP/2.0", upstream: "fastcgi://unix:/var/run/php/php7.3-fpm.sock:", host: "nextcloud.dings.dangs"                                                                            

#0 {main}                                                                                                                                                                                                         
  thrown in /var/www/nextcloud.dings.dangs/apps/user_ldap/ajax/getConfiguration.php on line 28" while reading response header from upstream, client: 10.0.100.10, server: nextcloud.dings.dangs, request: "POST /apps
/user_ldap/ajax/getConfiguration.php HTTP/2.0", upstream: "fastcgi://unix:/var/run/php/php7.3-fpm.sock:", host: "nextcloud.dings.dangs"                                                                            
2021/09/03 15:04:28 [error] 125217#125217: *44553 FastCGI sent in stderr: "PHP message: PHP Fatal error:  Uncaught Error: Class 'OC_JSON' not found in /var/www/nextcloud.dings.dangs/apps/user_ldap/ajax/getConfigu
ration.php:28                                                                                                                                                                                                     
Stack trace:

Nextcloud log (data/nextcloud.log)

Nextcloud log 
Insert your Nextcloud log here

Browser log

Browser log 
Insert your browser log here, this could for example include:

a) The javascript console log
b) The network log
c) ...
@xundeenergie xundeenergie added 0. Needs triage Pending check for reproducibility or if it fits our roadmap bug labels Sep 3, 2021
@kesselb
Copy link
Contributor

kesselb commented Sep 3, 2021

Here you go:

LDAP wizard does not work / Class 'OC_JSON' not found: Setup LDAP Backend not possible #16194 / Update nginx.rst -- Reworked the Nginx configs nextcloud/documentation#2197

@kesselb kesselb closed this as completed Sep 3, 2021
@xundeenergie
Copy link
Author

thanx

@szaimen szaimen mentioned this issue Jan 21, 2022
Merged
@NobleKangaroo NobleKangaroo mentioned this issue Apr 13, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
0. Needs triage Pending check for reproducibility or if it fits our roadmap bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kesselb @xundeenergie