File Sharing System Migration (from Wing FTP to Nextcloud)
Introduction
This guide illustrates the steps required to adopt Nextcloud on-premise, configuring it for LDAP integration, SSO and MFA, using a preconfigured Virtual Machine. Wing FTP, while useful for years in remote file management, today shows clear limitations in terms of security, scalability and integration.
Nextcloud is a modern, open source and self-hosted solution, offering advanced file management, collaboration tools and integration with existing systems such as Active Directory.
Migrating from Wing FTP to Nextcloud can be beneficial for several reasons. The main ones are:
Better Collaboration and Features
Real-Time Collaboration: Nextcloud offers tools such as document editors, calendars, contacts, and sharing features that go beyond simple file transfers, allowing direct collaboration on documents.
App Ecosystem: With a vast application repository, Nextcloud can be extended to meet specific needs, such as project management, notes, or CRM.
Advanced Security
Two-Factor Authentication: Nextcloud supports two-factor authentication (2FA) as standard, adding a layer of security that Wing FTP does not natively offer.
End-to-End Encryption: Nextcloud allows end-to-end encryption of files, ensuring that only authorized users can access them, even if the server is compromised.
Data Control and Privacy
Self-Hosting: Nextcloud can be hosted on your own servers or in a private cloud, giving you more control over your data than using external services, reducing the risk of privacy breaches.
Compliance: Nextcloud makes it easier to comply with data protection regulations like GDPR, thanks to more granular data management and auditing capabilities.
Scalability and Flexibility
Scalability: Nextcloud is designed to be scalable both in terms of number of users and data volume, better adapting to business growth.
Flexibility: The ability to integrate with other services or extend functionality as needed makes Nextcloud more flexible than traditional FTP solutions.
Multi-Device Access
Synchronization: Nextcloud offers automatic synchronization across multiple devices, including smartphones and tablets, providing easy and consistent access to files wherever you are.
Mobile Apps: It has official apps that enhance the user experience on mobile devices, something that Wing FTP doesn’t offer directly.
Long-Term Costs
Cost Reduction: Although there is an initial cost for hosting or hardware, Nextcloud is open-source, so there are no licensing costs for basic features. This can lead to long-term savings compared to Wing FTP Server licensing costs for advanced features.
Simplified Maintenance: Nextcloud has an active community and available commercial support, which can make system updates and management easier.
Integration and Automation
API and Integration: Nextcloud can integrate with a wide range of enterprise software, supporting workflow automation and integration with existing systems.
Differences between File Sharing Systems
SMB/CIFS (Server Message Block/Common Internet File System):
– Pros: Native support in Windows, good for local networks, allows folder sharing.
– Cons: Compatibility issues between different Operating Systems, limited security if not configured correctly.
WebDAV:
– Pros: Integration with document management systems, supports atomic transactions, works over HTTP/HTTPS.
– Cons: Can be slower than other solutions, complex to configure.
Cloud solutions such as Dropbox, Google Drive, and OneDrive:
– Pros: Global access, web and mobile interface, automatic synchronization.
– Cons: Dependency on third-party services, concerns about privacy and data control, free space limits.
Nextcloud:
– Pros: Autonomy, control over data, real-time collaboration, extensibility, synchronization across multiple devices.
– Cons: Requires infrastructure management, learning curve for advanced configurations, initial costs for hosting.
Installation instructions
Download the OVA file and Import It into vSphere
The Virtual Machine can be downloaded at this link. You can choose both the platform (VMware / Microsoft Hyper-V / etc.) and the disk size in GB. We decided to download ‘Nextcloud VM Pre-installed – 100GB’ as it’s free.
After the import is complete and the VM is powered on, the start-up script launches and lets you choose the IP address to assign, the hostname and various other values.
Next, connect to the shell with the following credentials:
    user: admin
    password: nextcloud
Change the password immediately:
    passwd ncadmin
Run this script to initiate the final setup (install apps, configure Nextcloud, activate TLS, keyboard choice, etc.):
    sudo bash /var/scripts/menu.sh
Update your Nextcloud instance with this:
    sudo bash /var/scripts/update.sh
The Nextcloud system is now ready to be used. You can connect with the browser to the assigned IP/hostname: https://nextcloud.domain.com
Nextcloud Configuration
LDAP Synchronization
Enable the “LDAP user and group backend” App
– Go to the “Apps” section
– Search for “LDAP user and group backend”
– Click “Enable” if it’s not already active
Go to LDAP Settings
– Click the user icon in the top right → “Administration Settings”
– Navigate on the left to “Administration” → “LDAP/AD integration”
Server Tab
– Host: e.g., ldap.dap.mydomain.local – ldaps.mydomain.local
– Port: 389 (LDAP) or 636 (LDAPS)
– User DN (bind user): e.g., cn=admin,dc=mydomain,dc=local
– Bind password: the password for the bind user
– Base DN: e.g., dc=mydomain,dc=local
– Click “Test Base DN” to verify the connection
Users Tab
– Object classes: e.g., person
– Optionally, provide the group filter if you want to import LDAP groups
– Click “Verify settings and count users” to check the results
Login Attributes Tab
– Choose which LDAP attributes can be used for login (e.g., cn, userPrincipalName)
– Test a login name by entering it in the “Test Loginname” field and clicking “Verify settings”
Groups Tab
– Verify that the groups are displayed correctly
Advanced Tab (optional)
– Configure timeouts, cache settings, limits, etc.
– Enable background jobs for periodic user sync
Save and Test
– Once everything is filled out, click “Test Configuration”
– Then click “Save”
Test LDAP Login
– Try logging into Nextcloud with a valid LDAP user to confirm the setup is working
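The Server Tab offers both port 389 and port 636; with plain LDAP on 389 and no StartTLS, the bind password and every user password checked at login cross the network unencrypted. The following is an added example, not part of the original guide or of Nextcloud: a small audit of the saved LDAP settings. It assumes the settings were exported with `occ ldap:show-config --output=json`, that the export is keyed by configuration ID, and that it uses the LDAP app's setting names `ldapHost`, `ldapPort`, `ldapTLS` and `turnOffCertCheck`; the sample values are constructed.

```python
import json

# Constructed sample, shaped like the JSON printed by
# `occ ldap:show-config --output=json` (shape assumed); values are illustrative.
SAMPLE_CONFIGS = json.loads("""
{
 "s01": {"ldapHost": "ldap.mydomain.local", "ldapPort": "389",
         "ldapTLS": "0", "turnOffCertCheck": "0"},
 "s02": {"ldapHost": "ldaps://ldaps.mydomain.local", "ldapPort": "636",
         "ldapTLS": "0", "turnOffCertCheck": "1"},
 "s03": {"ldapHost": "ldaps.mydomain.local", "ldapPort": "636",
         "ldapTLS": "0", "turnOffCertCheck": "0"},
 "s04": {"ldapHost": "ldap.mydomain.local", "ldapPort": "389",
         "ldapTLS": "1", "turnOffCertCheck": "0"}
}
""")


def audit_ldap(cfg):
    """Return transport-security findings for one LDAP server configuration."""
    host = str(cfg.get("ldapHost", "")).strip().lower()
    port = str(cfg.get("ldapPort", "")).strip()
    ldaps = host.startswith("ldaps://")
    starttls = str(cfg.get("ldapTLS", "0")) == "1"
    findings = []
    if not (ldaps or starttls):
        # Bind DN and password, and every user password checked at login,
        # cross the network unencrypted.
        findings.append("no-transport-encryption")
    if (ldaps and port == "389") or (not ldaps and port == "636"):
        # ldaps:// normally pairs with 636; plain LDAP/StartTLS with 389.
        findings.append("scheme-port-mismatch")
    if ldaps and starttls:
        findings.append("ldaps-and-starttls-both-set")
    if str(cfg.get("turnOffCertCheck", "0")) == "1":
        # Encryption without certificate validation does not authenticate the server.
        findings.append("cert-validation-disabled")
    return findings


def audit_all(configs):
    """Map each configuration ID (s01, s02, ...) to its findings."""
    return {cid: audit_ldap(cfg) for cid, cfg in configs.items()}


if __name__ == "__main__":
    for cid, findings in audit_all(SAMPLE_CONFIGS).items():
        print(cid, findings or "ok")
```

An empty list means the configuration uses either `ldaps://` or StartTLS with certificate validation left on.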
SSO/MFA with ADFS integration
Enable the “SSO & SAML authentication” App
– Go to the “Apps” section
– Search for “SSO & SAML authentication”
– Click “Enable” if it’s not already active
Configure ADFS server as a SAML Identity Provider (IdP)
– In Nextcloud (admin account) go to Administration Settings > Administration > SSO & SAML authentication
– Fill in:
    Attribute to map the UID to: sAMAccountName
    Identifier of the IdP entity (must be a URI): https://adfs.domain.com/adfs
    URL Target of the IdP: https://adfs.domain.com/adfs/ls/
    URL Location of the IdP: https://adfs.domain.com/adfs/ls/?wa=wsignout1.0
    URL Location of the IDP’s SLO Response: https://adfs.domain.com/adfs/ls/?wa=wsignout1.0
    Public X.509 certificate of the IdP: Paste the ADFS public certificate (Base64 format).
Test the Login Flow
– Log in to a domain-joined workstation
– Open Nextcloud in a browser (e.g., Edge/Chrome)
– You should be automatically logged in via SSO
– Nextcloud will create the user based on the SAML attributes
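The pasted X.509 certificate is what Nextcloud trusts to verify the IdP's signatures, so it is worth confirming that the values typed into the form match what ADFS itself publishes in its federation metadata (served under /FederationMetadata/2007-06/FederationMetadata.xml on the ADFS host). The following is an added example, not part of the original guide: it compares the entered entity ID, SSO URL and certificate fingerprint against a metadata document. The metadata below is constructed, its certificate is placeholder bytes, and the dictionary keys `entity_id`, `sso_url` and `cert` are hypothetical names.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed metadata; the certificate body is placeholder bytes, not a real cert.
FAKE_CERT_B64 = base64.b64encode(b"constructed-placeholder-certificate").decode()
SAMPLE_METADATA = f"""<md:EntityDescriptor
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="https://adfs.domain.com/adfs">
  <md:IDPSSODescriptor
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>{FAKE_CERT_B64}</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://adfs.domain.com/adfs/ls/"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def fingerprint(cert_b64):
    """SHA-256 of the DER bytes; tolerates PEM armour and line wraps."""
    body = "".join(l for l in cert_b64.splitlines() if "-----" not in l)
    return hashlib.sha256(base64.b64decode("".join(body.split()))).hexdigest()


def idp_from_metadata(xml_text):
    """Extract entity ID, first SSO endpoint and signing-cert fingerprint."""
    root = ET.fromstring(xml_text)
    idp = root.find("md:IDPSSODescriptor", NS)
    cert = idp.find("md:KeyDescriptor[@use='signing']//ds:X509Certificate", NS)
    return {"entity_id": root.get("entityID"),
            "sso_url": idp.find("md:SingleSignOnService", NS).get("Location"),
            "cert_sha256": fingerprint(cert.text)}


def compare(entered, xml_text):
    """Return the names of entered fields that disagree with the metadata."""
    meta = idp_from_metadata(xml_text)
    got = {"entity_id": entered["entity_id"], "sso_url": entered["sso_url"],
           "cert_sha256": fingerprint(entered["cert"])}
    return sorted(k for k in meta if meta[k] != got[k])
```

An empty result means the three fields agree; a `cert_sha256` mismatch after an ADFS signing-certificate rollover is the usual reason SSO logins start failing.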
Conclusion
Many further apps and configurations can be added to Nextcloud, depending on what your company needs. With this configuration, however, Nextcloud on-premise becomes a secure, integrated and easy-to-manage file sharing solution. With a proactive approach to maintenance, regular updates, and ongoing support, Nextcloud is ready to support collaboration in a scalable, private, and reliable way.