[Owncloud] Antwort: Re: Antwort: Re: OC4: LDAP, share dialogue

Arthur Schiwon blizzz at owncloud.com
Tue May 29 15:04:30 UTC 2012 


On 05/29/2012 03:24 PM, sven.ehret at comdok.de wrote:
> Dirk Kastens<dirk.kastens at uni-osnabrueck.de>  schrieb am 25.05.2012
> 13:53:06:
>
>> Von: Dirk Kastens<dirk.kastens at uni-osnabrueck.de>
>> An: sven.ehret at comdok.de
>> Kopie: owncloud at kde.org, owncloud-bounces at kde.org
>> Datum: 25.05.2012 13:53
>> Betreff: Re: Antwort: Re: [Owncloud] OC4: LDAP, share dialogue
>>
>> Hi Sven,
>>
>>> The problem is that I can see no other users at all in the dialogue. I
>>> am sure that my account is in a number of groups with other users, but
> I
>>> see none of them.
>>>
>>> Do they per chance have to be logged on before they will be
> selectable?
>>
>> No. I don't know much about AD, but you have configured
>>
>> Base Group Tree:<LDAP Base>
>> Group Filter: objectClass=group
>> Group-Member association: memberUid
>>
>> The Base Group Tree must be fully qualified. In ldap (openldap) you can
>> have objectclass=posixgroup with the uid of a user specified as
>> "memberuid". Or you can have objectclass=groupofuniquenames with the dn
>> of a user specified as "uniquemember". The members must be readable by
>> the ldap admin dn, that you have configured as "name" and "password".
>>
>> example:
>>
>> objectclass: posixgroup
>> memberuid: xmuster
>> memberuid: ymuster
>>
>> or
>>
>> objectclass: groupofuniquenames
>> uniquemember: uid=xmuster,ou=people,dc=...
>> uniquemember: uid=ymuster,ou=people,dc=...
>>
>> Dirk
>>
>
> Hi Dirk,
>
> thank you for your mail. Unfortunately, this is ActiveDirectory land here.
> When I create a group for OwnCloud users, which I wanted to address that
> way anyhow, users are being marked as being member if the group as such:
>
> memberOf:
> CN=FNF-PRO-OWNCLOUD,OU=Projekte,OU=Personengruppen,OU=Gruppen,OU=FNF-Global,DC=FNF,DC=intern
>
> Might the problem be that the group-member association should be
> “memberOf” and neither uniqueMember nor memberUid? How could I expand the
> list?

That might be the problem. I have a bug report [1] where simply "member" 
was wished. I can extend it with memberOf, of course.

Currently we need to distinguish if the attribute stores the cn or a dn. 
That's why it is not enough to simply expand the list.

Cheers
Arthur

>
> Best,
>
> Sven Ehret
> Informations-Technologie
> Dienstleistungen COMDOK GmbH
> Eifelstraße 14
> 53757 Sankt Augustin
>
> Tel.: +49 (0)2241.3 49 - 178
> Fax: +49 (0)2241.3 49 - 111
> mailto:ehret at comdok.de
>
> Geschäftsführer: Hans-Dieter Rapsilber
> Amtsgericht: Siegburg
> HRB: 2056
> http://www.comdok.de
>
>
>
>
> _______________________________________________
> Owncloud mailing list
> Owncloud at kde.org
> https://mail.kde.org/mailman/listinfo/owncloud

More information about the Owncloud mailing list