Skip to content

[Bug]: PHP warnings ldap_read no such object / configuration error in setup assistent #60730

Open
Bug
Open
[Bug]: PHP warnings ldap_read no such object / configuration error in setup assistent#60730
Bug
Labels
0. Needs triagePending check for reproducibility or if it fits our roadmap33-feedbackbug
@alx-tuilmenau

Description

@alx-tuilmenau
alx-tuilmenau
opened on May 26, 2026

⚠️ This issue respects the following points: ⚠️

Bug description

Since the update from 32.x to 33.x every run of the cronjob creates the following errors in the log (a lot of them):

{"reqId":"bWzjpV0HHgVcTyXqvw0x","level":2,"time":"2026-05-26T07:55:01+00:00","remoteAddr":"","user":"--","app":"PHP","method":"","url":"--","scriptName":"/data/nextcloud/cron.php","message":"ldap_read(): Search: No such object at /data/nextcloud_a4/apps/user_ldap/lib/LDAP.php#285","userAgent":"--","version":"33.0.3.2","occ_command":["/data/nextcloud/cron.php"],"data":{"app":"PHP"},"id":"6a1553d4a3f05"}

Its the complete log entry, no Stacktrace, no parameters... I don't how how to trace this back. But there is an information message before all the warnings which may help:

{"reqId":"YutXOT9sQunoHFHKml1U","level":1,"time":"2026-05-26T06:50:02+00:00","remoteAddr":"","user":"--","app":"user_ldap","method":"","url":"--","scriptName":"/data/nextcloud/cron.php","message":"service \"updateGroups\" - groups do not seem to be configured properly, aborting.","userAgent":"--","version":"33.0.3.2","occ_command":["/data/nextcloud/cron.php"],"data":{"app":"user_ldap"},"id":"6a155dc729ece"}

The LDAP settings are the same since v32.x. But the setup assistent in 33 shows "Invalid query, please check the syntax. API specifications are here: http://www.freedesktop.org/wiki/Specifications/open-collaboration-services." on every test. Login, searching users, etc. works without problems.

The LDAP server has 2 "special" configurations (which I can't change):

  • There is a sizelimit of 50 entries, so searches with more then 50 result will return LDAP_SIZELIMIT_EXCEEDED as return code along with the 50 results
  • There are no groups at all in the directory

To get rid of the "LDAP configuration error" on the Admin Overview panel and address the first configuration issue, I changed the line
if (!$this->ldap->isResource($sr) || $error !== 0) {
to
if (!$this->ldap->isResource($sr) || (($error !== 0) && ($error !== 4)) ) {
in the executeSearch funktion of the lib/Access.php file.

Supressing the warning by adding an @ to the call_user_func_array at the line 285 maybe a solution to remove warning, but as far as I see will this remove ALL ldap warnings, which does not look good.

I will try to look into the LDAP Group management to check what happens if there are no groups at all...

Steps to reproduce

Difficult. I updated to 33.0.3 and got the issues. But it depends on the ldap server configuration, where I don't have access to. Maybe you can reproduce if the LDAP server does not provide any groups or group membership information.

Expected behavior

No error messages in log / ldap configuration assistent (maybe group configuration can deactivated, if this is the issue?)

Nextcloud Server version

33

Operating system

Debian/Ubuntu

PHP engine version

PHP 8.4

Web server

None

Database engine version

MariaDB

Is this bug present after an update or on a fresh install?

Upgraded to a MAJOR version (ex. 31 to 32)

Are you using the Nextcloud Server Encryption module?

None

What user-backends are you using?

  • Default user-backend (database)
  • LDAP/ Active Directory
  • SSO - SAML
  • Other

Configuration report

{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "***",
            "***"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "33.0.3.2",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "dbdriveroptions": {
            "1002": "SET wait_timeout = 28800"
        },
        "installed": true,
        "default_language": "de",
        "updatechecker": true,
        "has_internet_connection": true,
        "memcached_servers": [
            [
                "localhost",
                11211
            ]
        ],
        "appstoreenabled": true,
        "ldapIgnoreNamingRules": false,
        "ldapProviderFactory": "\\OCA\\User_LDAP\\LDAPProviderFactory",
        "loglevel": 0,
        "trusted_proxies": "***REMOVED SENSITIVE VALUE***",
        "forwarded_for_headers": [
            "HTTP_X_FORWARDED_FOR"
        ],
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpmode": "sendmail",
        "mail_smtpauthtype": "LOGIN",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "skeletondirectory": "\/data\/nextcloud_skel",
        "activity_expire_days": 14,
        "integrity.check.disabled": true,
        "memcache.local": "\\OC\\Memcache\\APCu",
        "knowledgebaseenabled": false,
        "sharing.minSearchStringLength": 4,
        "sharing.maxAutocompleteResults": 5,
        "maintenance": false,
        "overwritehost": "***",
        "overwriteprotocol": "https",
        "overwrite.cli.url": "***",
        "htaccess.RewriteBase": "\/",
        "proxy": "***",
        "updater.release.channel": "stable",
        "lookup_server": "",
        "localstorage.allowsymlinks": true,
        "default_phone_region": "de",
        "hashingMemoryCost": 8,
        "profile.enabled": false,
        "debug": true,
        "bulkupload.enabled": false,
        "maintenance_window_start": 18,
        "serverid": 1
    }
}

List of activated Apps

Enabled:
  - activity: 6.0.0
  - announcementcenter: 7.4.0
  - app_api: 33.0.0
  - bookmarks: 16.1.4
  - bruteforcesettings: 6.0.0
  - calendar: 6.4.2
  - circles: 33.0.0
  - cloud_federation_api: 1.17.0
  - collectives: 4.4.0
  - comments: 1.23.0
  - contacts: 8.5.0
  - dashboard: 7.13.0
  - dav: 1.36.0
  - deck: 1.17.1
  - drawio: 4.2.3
  - drop_account: 3.0.0
  - federatedfilesharing: 1.23.0
  - federation: 1.23.0
  - files: 2.5.0
  - files_downloadactivity: 1.18.1
  - files_downloadlimit: 5.1.0
  - files_external: 1.25.1
  - files_mindmap: 0.0.34
  - files_pdfviewer: 6.0.0
  - files_reminders: 1.6.0
  - files_retention: 4.0.1
  - files_sharing: 1.25.2
  - files_trashbin: 1.23.0
  - files_versions: 1.26.0
  - forms: 5.2.7
  - groupfolders: 21.0.7
  - guests: 4.7.4
  - impersonate: 4.0.0
  - logreader: 6.0.0
  - lookup_server_connector: 1.21.0
  - metadata: 0.23.0
  - notes: 5.0.0
  - notifications: 6.0.0
  - notify_push: 1.3.3
  - oauth2: 1.21.0
  - photos: 6.0.0
  - polls: 9.1.4
  - profile: 1.2.0
  - provisioning_api: 1.23.0
  - quota_warning: 1.23.0
  - quotaadmin: 0.0.6
  - recommendations: 6.0.0
  - related_resources: 4.0.0
  - richdocuments: 10.1.3
  - serverinfo: 5.0.0
  - settings: 1.16.0
  - sharebymail: 1.23.0
  - spreed: 23.0.4
  - systemtags: 1.23.0
  - tables: 2.1.1
  - tasks: 0.17.1
  - text: 7.0.1
  - theming: 2.8.0
  - theming_customcss: 1.20.0
  - twofactor_backupcodes: 1.22.0
  - twofactor_webauthn: 2.6.0
  - updatenotification: 1.23.0
  - user_ldap: 1.24.0
  - viewer: 6.0.0
  - webhook_listeners: 1.5.0
  - whiteboard: 1.5.8
  - workflowengine: 2.15.0

Nextcloud Signing status

deactivated

Nextcloud Logs

{"reqId":"YutXOT9sQunoHFHKml1U","level":2,"time":"2026-05-26T06:50:02+00:00","remoteAddr":"","user":"--","app":"PHP","method":"","url":"--","scriptName":"/data/nextcloud/cron.php","message":"ldap_read(): Search: No such object at /data/nextcloud_a4/apps/user_ldap/lib/LDAP.php#285","userAgent":"--","version":"33.0.3.2","occ_command":["/data/nextcloud/cron.php"],"data":{"app":"PHP"},"id":"6a155dc729e99"}

{"reqId":"YutXOT9sQunoHFHKml1U","level":1,"time":"2026-05-26T06:50:02+00:00","remoteAddr":"","user":"--","app":"user_ldap","method":"","url":"--","scriptName":"/data/nextcloud/cron.php","message":"service \"updateGroups\" - groups do not seem to be configured properly, aborting.","userAgent":"--","version":"33.0.3.2","occ_command":["/data/nextcloud/cron.php"],"data":{"app":"user_ldap"},"id":"6a155dc729ece"}

Additional info

occ LDAP test-config succeeds. Also test-user works.
occ LDAP show-config:
+-------------------------------+-----------------------------------------------------------------------------------------------------------------+ | Configuration | | +-------------------------------+-----------------------------------------------------------------------------------------------------------------+ | hasMemberOfFilterSupport | 0 | | homeFolderNamingRule | attr:uid | | lastJpegPhotoLookup | 0 | | ldapAdminGroup | | | ldapAgentName | cn=proxy-nextcloud,ou=service,o=xxx | | ldapAgentPassword | *** | | ldapAttributeAddress | | | ldapAttributeAnniversaryDate | | | ldapAttributeBiography | | | ldapAttributeBirthDate | | | ldapAttributeFediverse | | | ldapAttributeHeadline | | | ldapAttributeOrganisation | | | ldapAttributePhone | | | ldapAttributePronouns | | | ldapAttributeRole | | | ldapAttributeTwitter | | | ldapAttributeWebsite | | | ldapAttributesForGroupSearch | | | ldapAttributesForUserSearch | sn;uid;mail | | ldapBackgroundHost | | | ldapBackgroundPort | | | ldapBackupHost | | | ldapBackupPort | | | ldapBase | ou=user,o=xxx | | ldapBaseGroups | ou=user,o=xxx | | ldapBaseUsers | ou=user,o=xxx | ldapCacheTTL | 3600 | [0/259] | ldapConfigurationActive | 1 | | ldapConnectionTimeout | 15 | | ldapDefaultPPolicyDN | | | ldapDynamicGroupMemberURL | | | ldapEmailAttribute | mail | | ldapExperiencedAdmin | 1 | | ldapExpertUUIDGroupAttr | | | ldapExpertUUIDUserAttr | uid | | ldapExpertUsernameAttr | uid | | ldapExtStorageHomeAttribute | | | ldapGidNumber | gidnumber | | ldapGroupDisplayName | cn | | ldapGroupFilter | (objectclass=posixGroup) | | ldapGroupFilterGroups | | | ldapGroupFilterMode | 0 | | ldapGroupFilterObjectclass | | | ldapGroupMemberAssocAttr | uniquemember | | ldapHost | ldap://localhost | | ldapIgnoreNamingRules | | | ldapLoginFilter | (&(|(objectclass=inetOrgPerson))(|(uid=%uid)(|(mail=%uid)))(|(xxx=*)(xxx=TO DELETE))) | | ldapLoginFilterAttributes | mail | | ldapLoginFilterEmail | 0 | | ldapLoginFilterMode | 0 | | ldapLoginFilterUsername | 1 | | ldapMatchingRuleInChainState | unknown | | ldapNestedGroups | 0 | | ldapOverrideMainServer | | | ldapPagingSize | 0 | | ldapPort | 389 | | ldapQuotaAttribute | | | ldapQuotaDefault | | | ldapTLS | 0 | | ldapUserAvatarRule | none | | ldapUserDisplayName | sn | | ldapUserDisplayName2 | givenname | | ldapUserFilter | (&(objectclass=inetOrgPerson)(|(xxx=*)(xxx=TO DELETE))) | | ldapUserFilterGroups | | | ldapUserFilterMode | 0 | | ldapUserFilterObjectclass | inetOrgPerson | | ldapUuidGroupAttribute | auto | | ldapUuidUserAttribute | auto | | markRemnantsAsDisabled | 0 | | turnOffCertCheck | 0 | | turnOnPasswordChange | 0 | | useMemberOfToDetectMembership | 1 | +-------------------------------+-----------------------------------------------------------------------------------------------------------------+

Metadata

Metadata

Assignees

No one assigned

    Labels

    0. Needs triagePending check for reproducibility or if it fits our roadmap33-feedbackbug

    Type

    Bug

    Fields

    No fields configured for Bug.

    Projects

    🧑‍🤝‍🧑 Community triage

    Status

    To triage

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions