Migrating LDAP Servers With Nextcloud/ Owncloud

Those of you who have seen any of my previous posts know that I have an arsenal of PowerEdge 2950s.  I am trying to move away from the 2950s for the purpose of power efficiency and have been consolidating all of my VMs and Docker containers to one Dell R710 running Proxmox.  Most of the services were an easy move, as the migration only involved sliding over a Virtual machine and reconfiguring the network adapter.  There are two major exceptions to this, one being the MySQL server (which is currently running as a docker container), and the other is the LDAP server.  The LDAP server migration isn’t really a problem on it’s own, but the fact that I am going to be using FreeIPA for SSO across my network is.  Basically, I needed to move my Nextcloud users from the existing LDAP server to the IPA server.

A quick search on Google turns up very little useful information.  The only thing I found was a post (which I can’t find anymore) that suggested it would be necessary to manually change some things in the “ldap_user_mapping” table in the database.  This is actually a pretty simple task, but it took me a while to figure out some of the FreeIPA specific LDAP settings in Nextcloud.  The first thing is to make sure the two “objectclass” references both equal “person”, and not “inetOrgPerson”.  One reference is under Users>Edit LDAP Query, and the second reference is under Login Attributes> Edit LDAP Query.  Those two settings kept me from getting this to work for a couple of hours.  The next step is to go to the Advanced>Directory Settings tab and make sure the “User Name Display Field” is set to “displayName”.  Finally, head over to the Advanced tab and set the Internal Username Attribute and both UUID Attribute boxes to “ipaUniqueID”.  This UUID is how Nextcloud keeps track of users.

The problem now is that your existing users, when logging in to the new LDAP server, will be presented with a new account.  This is not optimal if you already have calendars, contacts, and files already stored in your Nextcloud account.  The best way around this that I can tell is to login with the new user account so a new user account mapping is created, and to copy the old UUID to the new user.  Just make sure you change something on the old user, as the UUID field is the primary key for that table, meaning there can’t be records with the same UUID value.

Network Overhaul, and the Addition of an R710

My lab has been running pretty stable now for at least a solid year, so naturally it is time to make some changes.  I have some new things I want to experiment with that I just don’t have the flexibility for.  I have to completely overhaul my rack and everything in it, and I have some points that will hopefully make my compute environment more conducive to my compute goals and planned future experimentation.

Continue reading “Network Overhaul, and the Addition of an R710”

This Blog’s Infrastructure

The stack that runs this WordPress installation evolved over many months; from the beginning of 2017 to now, I have been fine-tuning my lab to accommodate a number of services and applications, including those needed to run this blog.  The whole process really started years ago when I first setup a home server, but that’s a topic for another post.  Here, I will give you the basic run down of how how this shit works.

Continue reading “This Blog’s Infrastructure”