<font size=2 face="sans-serif">thanks! You mean, you introduced a custom
LDAP attribute and specified it in the filter?</font>
<br>
<br><font size=2 face="sans-serif">Best, Sven</font>
<br>
<br>
<br>
<br><font size=1 color=#5f5f5f face="sans-serif">Von:
</font><font size=1 face="sans-serif">Erwin Rennert <rennert@zsi.at></font>
<br><font size=1 color=#5f5f5f face="sans-serif">An:
</font><font size=1 face="sans-serif">owncloud@kde.org</font>
<br><font size=1 color=#5f5f5f face="sans-serif">Datum:
</font><font size=1 face="sans-serif">31.10.2013 10:49</font>
<br><font size=1 color=#5f5f5f face="sans-serif">Betreff:
</font><font size=1 face="sans-serif">Re: [Owncloud]
two LDAP backends: duplicate user accounts</font>
<br><font size=1 color=#5f5f5f face="sans-serif">Gesendet von:
</font><font size=1 face="sans-serif">owncloud-bounces@kde.org</font>
<br>
<hr noshade>
<br>
<br>
<br><tt><font size=2>We do not permit all our OpenLDAP-Users to access
Owncloud; so we have a <br>
user list filter "hihoAllowOwncloud=TRUE"<br>
<br>
If you only have the occasional double user, disabling this manually <br>
should do the trick.<br>
<br>
Regards,<br>
E.R.<br>
<br>
On 10/31/2013 08:34 AM, Sven Ehret wrote:<br>
> Hello List!<br>
><br>
> We are using Owncloud version 5.0.12 on Ubuntu 12.04.3 and maintain
two<br>
> separate LDAP directories for a customer:<br>
> 1. MS Active Directory and<br>
> 2. OpenLDAP.<br>
> Both directories are configured in Owncloud. Hooray for being able
to<br>
> configure multiple LDAP backends! As User Login and User List filter,
I<br>
> setup group memberships in both cases:<br>
><br>
> 1. MS Active Directory:<br>
><br>
> * User Login Filter:<br>
> (&(sAMAccountName=%uid)(objectClass=person)(memberOf=<a
specific<br>
> group>))<br>
> * User List Filter: memberOf:1.2.840.113556.1.4.1941:=<a
specific group><br>
><br>
> 2. OpenLDAP:<br>
><br>
> * User Login Filter: uid=%uid<br>
> * User List Filter: objectClass=posixAccount<br>
><br>
><br>
> That way, users from both directories can log on to Owncloud, which
is<br>
> fantastic.<br>
><br>
> Now, it is not uncommon that some users are in /both/ directories.
This<br>
> results in lack of clarity /which/ account is effective for OC logons.<br>
> Furthermore, when data shall be shared with one of these users, they
do<br>
> appear /twice/ in the sharing list and it is not clear which user
is the<br>
> active one.<br>
><br>
> First I thought that this would be easy to fix: Just remove the user<br>
> from the Active Directory group that is special for Owncloud logons.<br>
> However, this is not effective as a removal of the account from this<br>
> group does not seem to change anything in Owncloud.<br>
><br>
> Does anybody have an idea what could be done to clean this up? This<br>
> really is frustrating and a show stopper for some of those users.
Thank<br>
> you for reading!<br>
><br>
> Best, Sven. !DSPAM:5272083b148721225111392!<br>
><br>
><br>
> _______________________________________________<br>
> Owncloud mailing list<br>
> Owncloud@kde.org<br>
> </font></tt><a href=https://mail.kde.org/mailman/listinfo/owncloud><tt><font size=2>https://mail.kde.org/mailman/listinfo/owncloud</font></tt></a><tt><font size=2><br>
><br>
><br>
> !DSPAM:5272083b148721225111392!<br>
><br>
<br>
<br>
-- <br>
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<br>
Erwin Rennert, IT Services<br>
Center for Social Innovation<br>
<br>
A-1150 Wien, Linke Wienzeile 246<br>
Austria, Europe<br>
<br>
Phone: ++43-1-495 04 42 - 61<br>
Facsimile: ++43-1-495 04 42 - 40<br>
</font></tt><a href=http://www.zsi.at/><tt><font size=2>http://www.zsi.at/</font></tt></a><tt><font size=2><br>
<br>
_______________________________________________<br>
Owncloud mailing list<br>
Owncloud@kde.org<br>
</font></tt><a href=https://mail.kde.org/mailman/listinfo/owncloud><tt><font size=2>https://mail.kde.org/mailman/listinfo/owncloud</font></tt></a><tt><font size=2><br>
</font></tt>
<br>