1

Topic: Nextcloud OpenLDAP Change Password

I have Nextcloud set up so that it authenticates against the OpenLDAP service on my iRedMail server.  But I cannot figure out how to set up Nextcloud and iRedMail/OpenLDAP to allow users to change their password using Nextcloud.  Anyone have success in setting this up?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Nextcloud OpenLDAP Change Password

Show us some screenshots of NextCloud related to (LDAP) password change, maybe we can give some hints.

3

Re: Nextcloud OpenLDAP Change Password

Sure, The first pic shows my connection to the LDAP server, the second shows the objects for authentication.  All of that works fine.  The authentication works perfectly and the Mail app in Nextcloud even logs into the server and passes the email through IMAP. 

The third pic shows the toggle setting to allow users to change their password.  The are allowed to do this on the iRedMail server.  In fact for now, the workaround is that I have to send the user to Roundcube to change their password and then that is what they use the next time they use Nextcloud. 

The last pic shows the result of trying to change the password inside Nextcloud.  The only thing I am unsure of is the popup note on the third pic about passing an encrypted password.  I'm not sure if that is happening or how to even view enough log data to see what is taking place between the two servers.


ZhangHuangbin wrote:

Show us some screenshots of NextCloud related to (LDAP) password change, maybe we can give some hints.

Post's attachments

brave_h5jEQMNaAR.png
brave_h5jEQMNaAR.png 24.26 kb, file has never been downloaded. 

brave_Qld2y7QkpS.png
brave_Qld2y7QkpS.png 10.1 kb, file has never been downloaded. 

brave_WN8Z7H6ZEK.png
brave_WN8Z7H6ZEK.png 23.16 kb, file has never been downloaded. 

Screenshot 2022-06-10 100142.jpg
Screenshot 2022-06-10 100142.jpg 61.05 kb, file has never been downloaded. 

You don't have the permssions to download the attachments of this post.

4

Re: Nextcloud OpenLDAP Change Password

What's the LDAP bind dn?

If you allow users to change their own passwords, you should use "cn=vmailadmin,dc=xx,dc=xx" since it has read+write privilege.

5

Re: Nextcloud OpenLDAP Change Password

Ok, I was using the postmaster account thinking that it also contained those privileges but perhaps that isn't how those admin accounts work? 

ZhangHuangbin wrote:

What's the LDAP bind dn?

If you allow users to change their own passwords, you should use "cn=vmailadmin,dc=xx,dc=xx" since it has read+write privilege.

6

Re: Nextcloud OpenLDAP Change Password

Using vmailadmin did it.  I was confused on where to get the password for that account but found that it was in the tips file... learning so much.  Thanks for your help!

ZhangHuangbin wrote:

What's the LDAP bind dn?

If you allow users to change their own passwords, you should use "cn=vmailadmin,dc=xx,dc=xx" since it has read+write privilege.