====== Integrate LDAP into Nextcloud ======

Nextcloud can use LDAP for authentication, to get user groups, and even lets user change their passwords directly in the LDAP directory.

The whole LDAP integration process is pretty straight forward, I mainly write it down here, so I remember it myself ;-).
I assume you've already got a working ldap directory which uses similar attributes like I described here: [[linux_server_manuals:keycloak_openldap_integration|]]

ldap
in nextcloud:
• install ldap user add on
• settings ldap:
∘ server: 127.0.0.1
∘ port: 389
∘ user: cn=admin,dc=example,dc=com   (don't use admin, use one made only for nextcloud!!!) ( it is not necessarz to give a user)
∘ base dn: dc=example,dc=com
∘ users: ldap query: (|(objectclass=inetOrgPerson))
∘ login attributes: username
∘ groups: only these object classes: groupofnames
∘ advanced: directory settings: base user tree: ou=People,dc=example,dc=com
∘ base group tree: ou=Group,dc=example,dc=com
∘ Enable LDAP password changes per user: true  (if we want to allow it)
∘ advanced : email mapping: mail
∘ expert: UUID Attribute for Users: uid
∘ (setup user cleanup, see docu, not necessary for testing)