I used this command at a shell prompt as root to confirm the correct value for 'base dn':
ldapsearch -x -h localhost -s base |grep 'dn'
After entering the settings as described on the Owncloud page:
http://wiki.contribs.org/OwnCloud#LDAP_AuthenticationThe Owncloud 'Test Configuration' button then reports:
The configuration is valid, but the Bind failed. Please check the server settings and credentials.
I *also* needed to:
- Select Advanced
- Add a check-box to 'Turn off SSL certificate validation'
Now, the 'Test Configuration' button reports:
The configuration is valid and the connection could be established!
It still doesn't seem to let me login, but that could be due to a conflict with the IMAP authentication I already have configured, or it could be due to the ldap user account delay mentioned in the Owncloud wiki page linked above.
I did notice that my SME groups all appeared in the 'groups' pull-down when creating new users, so the LDAP connection is working.
When I look at the LDAP settings on my server using the command below it looks like the the following items may need to be set as shown (however, even with these settings my system doesn't let me login...):
ldapsearch -x -h localhost |less -S
[Basic Settings]
- User List Filter should be
objectClass=inetOrgPerson or
objectClass=posixAccount instead of objectClass=person(?)
[Advanced Settings]
- Base User Tree may need to include
ou=Users- Group-Member association should be set to
memberUid- Email Field
mailFinally, I'm debugging by watching the ldap log in one window while attempting logins from a browser:
tail -S /var/log/ldap/current
...then pressing an upper case 'F' to show new lines as they're added to the file.
IMPORTANT NOTE:
I have had ldap enabled since early SME 8 beta; if any of the settings changed between then and SME 8.0 release, my settings may be incorrect. Be sure to verify the appropriate settings on your own server.