Nextcloud not recognising LDAP credentials after Yunohost update


First of all… thank you all soo much! I’ve been running a yunohost instance for over a year now, with zero issues… I’ve got all sorts of apps on there & (up until this morning) it’s worked without a hitch! I work in software dev, so I know that’s no mean feat.

My YunoHost server

Hardware: VPS bought online (Hetzner)
YunoHost version: appeared with upgrade to, still present with
I have access to my server : Through SSH & through the webadmin
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no

If your request is related to an app, specify its name and version: NextCloud version 26.0.2~ynh2

Description of my issue

I am unable to connect to Nextcloud with any LDAP accounts. This includes the admin account. I receive an invalid username/password message when attempting to login with valid (yunohost sso) credentials. Can’t find any error logs/messages, although have had lots of fun with fail2ban & oc_bruteforce_attempts! strong text

Ok, I found this previous issue that looked similar.

Got a similar error from the command sudo -u nextcloud php8.1 --define apc.enable_cli=1 occ ldap:check-user admin
Cannot check user existence, because disabled LDAP configurations are present.

Issue was also resolved by forcing an upgrade of Nextcloud:
yunohost app upgrade nextcloud -F

FYI - caldav accounts had been picked up by Fail2Ban & the NC internal threat detection & throttled.
I had to issue the following commands to clean that up before any logins could be attempted:
fail2ban-client set nextcloud unbanip [IP_ADDRESS]
You can retrieve a list of banned (and unbanned) IP’s with the following command:
grep "\[nextcloud\] [BU]" /var/log/fail2ban.log
I whitelisted my home IP by adding the following:
touch /etc/fail2ban/jail.d/yunohost-whitelist.conf && echo -e "[DEFAULT] \n\nignoreip = XXX.XXX.XXX.XXX #<= replace with your ip list, separate with spaces" >> /etc/fail2ban/jail.d/yunohost-whitelist.conf

I also cleared the oc_bruteforce_attempts table in the nextcloud db.
Check entries with the following:
mysql -D nextcloud -e 'SELECT * FROM oc_bruteforce_attempts'
Then remove with a DELETE:
mysql -D nextcloud -e 'DELETE * FROM oc_bruteforce_attempts WHERE ip = "XXX.XXX.XXX.XXX"'

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.