With this step-by-step guide, you will have your ownCloud 9 (and earlier) cloud server authenticating against Active Directory or LDAP correctly in no time!
Recently, I went through the process of setting up a brand new ownCloud 9.1 server, after my previous ownCloud server had seen upgrades from 6.x all the way up to 8.x. If you’ve used ownCloud that long, you know the abundant changes and improvements that have been made along the way did not come without their growing pains, especially if you delved into encryption. So, I decided to start fresh. I use Active Directory to provide a centralized authentication source for everything in my personal “cloud,” so after setting up my new Dropbox clone, the first thing I needed to do was configure the LDAP user and group backend plugin. I had a lot of problems getting the Active Directory usernames to match the ownCloud usernames, instead of showing a long string of numbers. It was a lot of confusing UID, UUID, SAMAccountName and DN-related confusion. There aren’t any great guides to keep you from getting a headache, so I decided to make one.
Problems with the LDAP user and group backend plugin
It’s pretty straightforward to get an ownCloud server authenticating against an Active Directory server, but the biggest problem I’ve seen is that the mapped usernames end up being long strings of numbers in ownCloud. Although the display names are correct in ownCloud, the actual username for every AD-mapped login is, by default, a long unique string, which makes things difficult. For one, if you need to get to a user’s ownCloud data folder, there’s no intuitive way of knowing whose folder is whose from the command line.
With this step-by-step guide, you will have your ownCloud server authenticating against Active Directory / LDAP, with the following benefits:
- The ownCloud username will match the Active Directory / LDAP username (no long incomprehensible string of numbers)
- Any user added to a specified group created in Active Directory will automatically have ownCloud login privileges.
- ownCloud users will be able to log in using their username or email address (if specified in AD) interchangeably.
These three pluses make everything very seamless and save a lot of headaches. So, let’s get started.