Connect an external NextCloud instance to YunoHost's LDAP server

My YunoHost server

Hardware: VPS bought online / Old laptop or computer
YunoHost version: 11.2.5
I have access to my server : Through SSH | through the webadmin
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : yes
If yes, please explain:

I installed NextCloud on a computer at home and I’d like to connect it to my YunoHost LDAP instance

Description of my issue

I have a YunoHost instance on a VPS and a home server on which I installed NextCloud from the docker image.

What I’m trying to do is to plug NextCloud into the YunoHost LDAP instance.

I did install the LDAP user and admin application on NextCloud, but I’m struggling to find the correct setup for it.

I tried to narrow down the issue and here’s what I discovered :

  • I am able to connect to LDAP from my YunoHost server with an ldapsearch command, more specifically this one:
ldapsearch -x -LLL -H ldap://localhost -D "uid=<username>,ou=users,dc=yunohost,dc=org" -w '<password>' -b "dc=yunohost,dc=org"
  • I am not able to use the same command from my home server (after I changed the host to the correct IP of course)
  • I opened the port 389 from the YunoHost admin, but nmap still tells me otherwise :
Host is up, received syn-ack (0.024s latency).

PORT    STATE  SERVICE REASON
389/tcp closed ldap    conn-refused

A bit more information:

  • I’m using tailscale as a VPN
  • I looked at the logs in /var/log/syslog but nothing caught my eye
  • I was able to successfully connect to LDAP via phpLDAPadmin
  • I’ve read a bazillion pieces of documentation on YunoHost, LDAP, etc. for the past couple of days but nothing seems to work or match my specific needs

Thanks for the help 🙂

On your server, you can try this command :
sudo ss -tulnp | grep 389
It will tell you, for port 389, who can call it and what manages it.
On my server, I have this :

tcp   LISTEN 0      1024                            127.0.0.1:389        0.0.0.0:*    users:(("slapd",pid=1362,fd=8))

So, slapd is listening on 127.0.0.1:389, so only calls from my own server are listened to.

Bad thing is that I have no idea how to change it, but I am pretty sure someone had a really similar problem in the last few weeks.

I think it was this one : Use Yunohost LDAP from server containers - #3 by tituspijean
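
The check described in the reply above, as an added example that is not part of the original thread: a shell function that reads `ss` listener output and reports whether a TCP port is bound to loopback only, to one specific address, or to all interfaces. The function name is hypothetical, and every sample line except the `127.0.0.1:389` one quoted in the thread is constructed.

```shell
#!/bin/sh
# Added example. classify_listener PORT reads `ss -tln` / `ss -tulnp` output
# on stdin and prints the widest binding found for that TCP port:
#   none | loopback | address | wildcard
classify_listener() {
    awk -v port="$1" '
        {
            # `ss -t` alone has no Netid column; `ss -tu` puts "tcp" first.
            s = ($1 == "LISTEN") ? 1 : (($1 == "tcp" && $2 == "LISTEN") ? 2 : 0)
            if (!s) next
            laddr = $(s + 3)                      # Local Address:Port column
            n = split(laddr, f, ":")              # port is the last ":" field
            if (f[n] != port) next
            addr = substr(laddr, 1, length(laddr) - length(f[n]) - 1)
            gsub(/\[|\]/, "", addr)               # [::1] -> ::1
            sub(/%.*/, "", addr)                  # 127.0.0.1%lo -> 127.0.0.1
            if (addr == "*" || addr == "0.0.0.0" || addr == "::") r = 3
            else if (addr ~ /^127\./ || addr == "::1")             r = 1
            else                                                    r = 2
            if (r > worst) worst = r
        }
        END {
            split("none loopback address wildcard", name, " ")
            print name[worst + 1]
        }'
}

# First slapd line is the one quoted in the thread; the sshd line is constructed.
SAMPLE_LOOPBACK='Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
tcp   LISTEN 0      1024   127.0.0.1:389      0.0.0.0:*         users:(("slapd",pid=1362,fd=8))
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*         users:(("sshd",pid=700,fd=3))'

# Constructed: slapd bound to every interface (IPv4 and IPv6).
SAMPLE_WILDCARD='tcp LISTEN 0 1024 0.0.0.0:389 0.0.0.0:* users:(("slapd",pid=1362,fd=8))
tcp LISTEN 0 1024 [::]:389 [::]:* users:(("slapd",pid=1362,fd=9))'

# Constructed: slapd bound to a single non-loopback address (a VPN interface).
SAMPLE_ADDRESS='tcp LISTEN 0 1024 100.64.0.5:389 0.0.0.0:* users:(("slapd",pid=1362,fd=8))'

# On a live host: sudo ss -tulnp | classify_listener 389
printf '%s\n' "$SAMPLE_LOOPBACK" | classify_listener 389
```

A `loopback` result matches the `conn-refused` seen from the remote nmap scan. A `wildcard` result on 389 would mean simple binds such as the `ldapsearch -x -w` command above cross the network unencrypted unless carried over a VPN or protected with StartTLS/LDAPS.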
