Integrating ownCloud User Authentication With LDAP/Active Directory (AD)

1. Overview


ownCloud data storage online can be integrated with identity management solutions such as an LDAP application or Active Directory, so that users in LDAP or Active Directory appear in our ownCloud user listings. These users authenticate to ownCloud data storage online with their LDAP or Active Directory credentials. We don’t have to create separate user accounts on ownCloud data storage online for them. We can still manage their group memberships, quotas, and sharing permissions in ownCloud data storage online just like for any other ownCloud user.

This article demonstrates how to integrate ownCloud data storage online with identity management software, namely LDAP/Active Directory.

2. Prerequisites


In this article on integrating ownCloud user authentication with LDAP/Active Directory (AD), it is assumed that:

a. You have an LDAP/Active Directory identity management server in place, up and running.
b. You have already installed ownCloud data storage online. Please refer to the article “Installing ownCloud 10 on CentOS 7/RHEL 7”.

3. ownCloud Active Directory Authentication Setting


Log in to our ownCloud data storage online with a user account that has admin privileges. The first thing we need to do is enable the LDAP user and group backend app on the Market page in ownCloud data storage online. To do this, navigate to “Files” and click on the “Market” icon.

In the Market window you will see many apps for ownCloud data storage online. Find the app called “LDAP Integration” in the list, click on it, and then click “Install”.

Now let’s go to the Admin settings page of ownCloud data storage online by clicking on “Settings” and then on “User Authentication” to start the LDAP/Active Directory user authentication integration setting.

The LDAP/Active Directory configuration panel has four tabs. The first tab, “Server”, must be completed correctly before the other tabs can be accessed. A green indicator lights up when the configuration is correct.

In the “Host” box, enter the host name or IP address of the LDAP/Active Directory identity management server. It can also be a URI starting with ldap://; for our case it is ldap://. Click on “Detect Port” if you don’t know what port to enter in the port box. If we enter the port number manually, it speeds up server detection.

In the “User DN” box, enter the DN of a user who has permission to do searches in the LDAP directory. In our case this is an Active Directory user account named “ldap user” in the Active Directory domain “techspacekh.local”, so the User DN to enter is “CN=ldap user,CN=Users,DC=techspacekh,DC=local”. Then type the password of this user in the “Password” box.

ownCloud data storage online attempts to determine the Base DN from the provided User DN or the provided Host. Click on “Detect Base DN” if you don’t know what to enter here, and then click “Test Base DN”. If you get a green “Configuration OK” message, everything is fine; just click “Continue” to go to the next settings page.

On the “Users” tab, select the Active Directory groups that you want to authenticate with ownCloud data storage online. This controls which LDAP/Active Directory users are listed as ownCloud users on our ownCloud data storage online server. Click on “Verify settings and count users” and then click “Continue” to go to the next settings page.

On the “Login Attributes” tab, we can determine which LDAP/Active Directory groups or users can log in to our ownCloud data storage online system and which attribute or attributes the provided login name is matched against, for example the LDAP/AD username or email address.

To test the setting, enter an Active Directory user account in the “Test Loginname” box and click “Verify settings”. If you get a green “Configuration OK” message, everything is fine; just click “Continue” to go to the next settings page.
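The following Python sketch is an added example, not part of the original article and not ownCloud's own code. It illustrates the User DN / Base DN relationship from the “Server” tab and how a login filter from the “Login Attributes” tab matches a typed login name. The `%uid` placeholder is the one ownCloud substitutes with the login name; the filter text, the helper names and the Base DN derivation (keeping the trailing DC= components) are assumptions made for illustration.

```python
# Added illustration; not ownCloud's implementation. Helper names are hypothetical.
import re

USER_DN = "CN=ldap user,CN=Users,DC=techspacekh,DC=local"  # from the article

# Assumed login filter: match the AD username or the mail attribute.
# %uid is the placeholder that gets replaced with the typed login name.
LOGIN_FILTER = "(&(objectClass=user)(|(sAMAccountName=%uid)(mail=%uid)))"


def split_dn(dn):
    """Split a DN into RDNs on commas that are not backslash-escaped.
    Simplified: does not handle an escaped backslash directly before a comma."""
    return [rdn.strip() for rdn in re.split(r"(?<!\\),", dn) if rdn.strip()]


def base_dn_from_user_dn(dn):
    """Keep only the trailing DC= components of a DN as the Base DN."""
    dcs = []
    for rdn in reversed(split_dn(dn)):
        if not rdn.upper().startswith("DC="):
            break
        dcs.append(rdn)
    return ",".join(reversed(dcs))


def escape_filter_value(value):
    """Escape the RFC 4515 special characters in a search filter value."""
    special = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}
    return "".join(special.get(ch, ch) for ch in value)


def expand_login_filter(template, login_name):
    """Substitute the escaped login name for every %uid placeholder."""
    return template.replace("%uid", escape_filter_value(login_name))


if __name__ == "__main__":
    print(base_dn_from_user_dn(USER_DN))
    print(expand_login_filter(LOGIN_FILTER, "NetAdmin01"))
    # Constructed input: after escaping, the wildcard is a literal character,
    # so the filter still matches at most one exact login name.
    print(expand_login_filter(LOGIN_FILTER, "Net*"))
```

The expanded filter can be compared with the filter shown in the wizard when a test login name does not verify as expected.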

On the “Groups” tab, we can filter which groups will be available in the ownCloud data storage online server. In our case the Domain Users group is selected. Click on “Verify settings and count groups” to verify the setting. If you get a green “Configuration OK” message, everything is good.

Now we can try to log in to the ownCloud data storage online server using an LDAP/Active Directory user account and password. In our case, let’s try the LDAP/Active Directory user account named “NetAdmin01”. We should be able to log in to the ownCloud data storage online server successfully.


7. Conclusion


That’s all about how to integrate your ownCloud data storage online authentication with LDAP/Active Directory (AD) from Tech Space KH. Hopefully, you find this guide informative and helpful for online secure data backup. If you have any questions or suggestions, you can always leave your comments below. I will try my best to review and reply to them.