Integrating Nextcloud with Active Directory

Print Friendly, PDF & Email

Well, something that is usually very interesting for organizations, is to be able to integrate Nextcloud with our Active Directory, This way we can allow our users to log in with their domain account and avoid remembering different passwords. It will also come in handy when it comes to managing them, we can also synchronize the Active Directory groups for whatever we need,

 

 

We'll start by enabling the app that allows it, we log in to Nextcloud with an administrator account, Let's go to the menu of “Applications” > “Disabled apps” and click on “Activate” in 'LDAP user and group backend'.

 

If we have the 'LDAP user and group backend’ Disabled, first we must enable LDAP support in PHP as follows:

[SourceCode]Sudo apt-get install php-ldap
Sudo Service Apache2 Restart[/SourceCode]

 

Since “Configuration” > “LDAP Integration / AD” we will configure the access parameters to our Active Directory, By means of an assistant we will indicate the necessary data to have a list of users who will be able to work with Nextcloud. Under 'Server’ we will specify the name of a domain controller indicating whether or not the connection is secure using LDAP or LDAPS specifying the port if 389 or 636. We also set the distinguished name of a user with LDAP query privileges, We enter your password and save the credentials. We indicate the DN Base where the users we want to work with Nextclud are located, we can make more advanced queries below. “Continue”,

 

On the “Users” We will indicate the type of object we want to synchronize, the most normal will be users, so we establish its object class (person) and we continue,

 

Select what we want the account name to be, it will be normal to use the same user as in the Active Directory, We verify that the filter picks up the changes and continue,

Finally, we will indicate if we want to synchronize any group of users from our Active Directory.

 

If everything has gone well, We can finish the wizard, and go directly to the “Users” and see that we already have the new accounts synchronized!!! Excellent, users can start working now with their AD accounts, We may include them in groups to set quotas or any configuration in a generic way!

 

Recommended Posts

Implementing FSSOs to integrate Fortigate with Active Directory
Read
SmartCard logins to Active Directory
Read
Implementing Windows LAPS
Read
VPN with Citrix NetScaler III - Authentication with certificates
Read

Author

by Héctor Herrero 
nheobug@bujarra.com
Autor del blog Bujarra.com Cualquier necesidad que tengas, Do not hesitate to contact me, I will try to help you whenever I can, Sharing is living ;) . Enjoy documents!!!

FOG - Base configuration, Image generation and deployment

11 September 2018

Monitoring Nutanix from Centreon

18 September 2018