1. Overview
Nextcloud can be integrated with identity management solutions such as an LDAP directory or Active Directory so that LDAP or Active Directory users appear in our Nextcloud user listings. These users authenticate to Nextcloud with their LDAP or Active Directory credentials, so we don’t have to create separate Nextcloud user accounts for them. We can still manage their group memberships, quotas, and sharing permissions in Nextcloud just like any other Nextcloud user.
This article demonstrates how to integrate Nextcloud with an LDAP/Active Directory identity management system.
2. Prerequisites
This article on integrating Nextcloud user authentication with LDAP/Active Directory (AD) assumes that:
a. You have an LDAP/Active Directory server in place, up and running.
b. You have already installed Nextcloud. If not, please refer to: Installing Nextcloud 12 on CentOS 7/RHEL 7
3. Nextcloud Active Directory Authentication Setting
Log in to Nextcloud with a user account that has admin privileges. The first thing we need to do is enable the LDAP user and group backend app on the Apps page. To do this, navigate to “Settings” and click on the “Apps” icon.
On the Apps page you will see the list of Nextcloud apps. Find the app called “LDAP user and group backend” in the list, click on it, and then click “Enable”.
Now go to the Admin settings page by clicking on “Settings”, then “Admin”, and then “LDAP/AD Integration” to start configuring LDAP/Active Directory user authentication.
The LDAP/Active Directory configuration panel has four tabs. The first tab, “Server”, must be completed correctly before the other tabs can be accessed. A green indicator lights up when the configuration is correct.
In the “Host” box, enter the host name or IP address of the LDAP/Active Directory server. It can also be given as a URI starting with ldap://; in our case it is ldap://192.168.150.10. Click “Detect Port” if we don’t know which port to enter in the “Port” box. Entering the port number manually speeds up server detection.
In the “User DN” box, enter the DN of a user who has permission to search the LDAP directory. In our case this is an Active Directory user account named “ldap user” in the Active Directory domain “techspacekh.local”, so the User DN to enter is “CN=ldap user,CN=Users,DC=techspacekh,DC=local”. Then type the password of this user in the “Password” box.
Nextcloud attempts to determine the Base DN from the provided User DN or the provided Host. Click “Detect Base DN” if you don’t know what to enter here, and then click “Test Base DN”. If you get a green “Configuration OK” message, everything is fine; click “Continue” to go to the next settings page.
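The “Server” tab values above can also be applied and tested with Nextcloud’s occ command-line tool, which makes the setup repeatable. This is an added example, not part of the original article; the occ invocation (web-server user “apache”, install path /var/www/html/nextcloud) and the helper function names are assumptions, and the Base DN derivation is a sketch of the idea described above, not Nextcloud’s own code.

```sh
#!/bin/sh
# Added example: the "Server" tab applied with occ instead of the web UI.
# Assumption: web-server user "apache" and install path /var/www/html/nextcloud.
OCC="${OCC:-sudo -u apache php /var/www/html/nextcloud/occ}"

# Print the Base DN implied by a User DN: everything from the first DC= component on.
# Returns 1 when the DN has no DC= component (the Base DN must then be given by hand).
base_dn_from_user_dn() {
    _dn=$1
    while [ -n "$_dn" ]; do
        case $_dn in
            [Dd][Cc]=*) printf '%s\n' "$_dn"; return 0 ;;
            *,*) _dn=${_dn#*,} ;;   # drop the leading RDN and look again
            *) return 1 ;;
        esac
    done
    return 1
}

# apply_ldap_server CONFIG_ID HOST PORT USER_DN
# CONFIG_ID is the configuration ID listed by "occ ldap:show-config".
# The bind password is read from stdin so it is not typed on the command line
# of this script (it is still passed to occ as an argument).
apply_ldap_server() {
    _id=$1 _host=$2 _port=$3 _bind=$4
    _base=$(base_dn_from_user_dn "$_bind") || {
        echo "no DC= component in User DN: $_bind" >&2; return 1; }
    _pw=
    IFS= read -r _pw || :
    [ -n "$_pw" ] || { echo "empty bind password" >&2; return 1; }
    $OCC app:enable user_ldap &&
    $OCC ldap:set-config "$_id" ldapHost "$_host" &&
    $OCC ldap:set-config "$_id" ldapPort "$_port" &&
    $OCC ldap:set-config "$_id" ldapAgentName "$_bind" &&
    $OCC ldap:set-config "$_id" ldapAgentPassword "$_pw" &&
    $OCC ldap:set-config "$_id" ldapBase "$_base" &&
    $OCC ldap:test-config "$_id"    # same check as the green indicator
}

# Usage with the article's values (389 is the standard port for ldap://;
# <configID> is a placeholder for the ID shown by "occ ldap:show-config"):
#   apply_ldap_server <configID> ldap://192.168.150.10 389 \
#       "CN=ldap user,CN=Users,DC=techspacekh,DC=local"
```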
On the “Users” tab, select the Active Directory groups that you want to authenticate with Nextcloud. This controls which LDAP/Active Directory users are listed as Nextcloud users on our Nextcloud server. Click “Verify settings and count users” and then click “Continue” to go to the next settings page.
On the “Login Attributes” tab, we determine which LDAP/Active Directory groups or users can log in to our Nextcloud system and which attribute or attributes the provided login name is matched against, for example the LDAP/AD username or email address. To test the setting, enter an Active Directory user account in the “Test Loginname” box and click “Verify settings”. If you get a green “Configuration OK” message, everything is fine; click “Continue” to go to the next settings page.
On the “Groups” tab, we can filter which groups will be available in Nextcloud.
In our case the Domain Users group is selected. Click “Verify settings and count groups” to verify the setting. If you get a green “Configuration OK” message, everything is fine.
Now we can try to log in to the Nextcloud server using an LDAP/Active Directory user account and password. We should be able to log in successfully.
7. Conclusion
That’s all about how to integrate Nextcloud authentication with LDAP/Active Directory (AD), from Tech Space KH. Hopefully you find this guide informative and helpful. If you have any questions or suggestions, you can always leave your comments below. I will do my best to review and reply to them.