[Freeipa-users] OC and FreeIPA

Rob Crittenden rcritten at redhat.com
Wed Jul 16 18:12:34 UTC 2014

Jonathan J. Ramirez C. wrote:
> Hi.
> Does anybody here know how to properly set up ownCloud 6.0.4 to work
> with FreeIPA 3.3.5? I keep getting these messages when trying to logon
> to OC with a created account in FreeIPA.
> Here's a sample:
> ownCloud[2182]: {user_ldap} initializing paged search for 
> FilterobjectClass=* base Array ([0] =>
> uid=jonram,cn=users,cn=compat,dc=mydomain,dc=com) attr ipauniqueid limit
> 99999 offset 0
> ownCloud[2182]: {user_ldap} Ready for a paged search
> ownCloud[2182]: {user_ldap} Requested attribute ipauniqueid not found
> for uid=jonram,cn=users,cn=compat,dc=mydomain,dc=com
> ownCloud[2182]: {user_ldap} Could not autodetect the UUID attribute
> ownCloud[2182]: {user_ldap} Cannot determine UUID for
> uid=jonram,cn=users,cn=compat,dc=mydomain,dc=com. Skipping.
> ownCloud[2182]: {core} Login failed: user 'jonram' , wrong password,
> IP:set log_authfailip=true in conf
> I'm really new to OC and IPA so I don't know where to poke to make it
> work. I'll much appreciate any hint.

I've never dealt with OC before but I scanned the LDAP docs quickly.

You will want to set separate user and group base DNs. It is using the
compat tree and that is likely the wrong thing in this case.

Users: cn=users,cn=accounts,dc=mydomain,dc=com
Groups: cn=groups,cn=accounts,dc=mydomain,dc=com

That will fix the UUID issue at least.

Have you set a password for this user account, and have you
authenticated with it yet? IPA marks all administratively set passwords
as expired, so you need to authenticate and change the password before
it is generally usable.

IPA uses memberOf for its grouping in case you need to specify it.


More information about the Freeipa-users mailing list