[Owncloud] Partition users using LDAP

Arthur Schiwon blizzz at owncloud.com
Fri Feb 1 18:29:48 UTC 2013


Sorry for the late answer.

On 01/16/2013 08:24 AM, Tornóci László wrote:
> Hi Arthur,
>
> On 01/15/2013 10:43 PM, Arthur Schiwon wrote:
>> On Tuesday, January 15, 2013 07:22:48 PM Tornóci László wrote:
>>> it occurred to me, that you could use in the advanced LDAP settings (OC
>>> 4.5) the "User Home Folder Naming Rule" to partition users into several
>>> different directories rather then to put all of them into the default
>>> "data/".
>>> Setting the LDAP "User Home Folder Naming Rule" = myHomeAttr
>>> and giving each user a value like "dir1/dir2/username" for this
>>> attribute seems to work (of course you must set up your LDAP to have
>>> this attribute).
>>>
>>> Is this allowed to do? It looks like a nice feature if you have lots of
>>> users.
>>
>> Yes!
>> Just make sure, the permissions are correct, i.e. the webserver user
>> must be
>> able to read and write.
>
> Thank you for your response. This is very nice. I tested a bit, and
> noted, that "files_external" and "files_version" are created in BOTH
> "data/USERNAME" and in the directory given by LDAP attribute for home
> dir, however the directories in "data/USERNAME" never seem to be used.
> Is it correct to say that this is a bug in 4.5 that is harmless? So is
> it ok to go ahead and use this advanced feature in LDAP?

Yes, this is rather a bug. Would you mind creating a bug report for each 
files_version and files_external here 
https://github.com/owncloud/core/issues ?

> Related to this: can you later on relocate the user home dir in the
> filesystem and change the value of the LDAP attribute accordingly
> without OC complaining? That would be VERY nice even if you are not
> allowed to change the username!

Theoretically yes. But.
a) you need to copy the data manually. ownCloud will not move things around
b) since 4.5 LDAP remembers the path for each user and won't change it 
to avoid finding empty folders. However, this is kind of stupid, as it 
hinders admins to manager their systems. I intend to remove it again.

> One more thing: it is rather awkward that you are not allowed to have
> accented characters in user and group names. Are there any plans in the
> future to introduce additional LDAP attributes for user and group names
> with accented chars that are only _displayed_ for the users?

For ownCloud 5.0 we will have lovely User Names. Not so for group names, 
however.

Cheers
Arthur

>
>                          Yours: Laszlo



More information about the Owncloud mailing list