[Owncloud] Partition users using LDAP

Tornóci László tornoci.laszlo at med.semmelweis-univ.hu
Mon Feb 4 11:59:27 UTC 2013


Hi,

On 02/01/2013 07:29 PM, Arthur Schiwon wrote:
> Sorry for the late answer.

no problem.

>
> On 01/16/2013 08:24 AM, Tornóci László wrote:
>> Hi Arthur,
>>
>> On 01/15/2013 10:43 PM, Arthur Schiwon wrote:
>>> On Tuesday, January 15, 2013 07:22:48 PM Tornóci László wrote:
>>>> it occurred to me, that you could use in the advanced LDAP settings (OC
>>>> 4.5) the "User Home Folder Naming Rule" to partition users into several
>>>> different directories rather then to put all of them into the default
>>>> "data/".
>>>> Setting the LDAP "User Home Folder Naming Rule" = myHomeAttr
>>>> and giving each user a value like "dir1/dir2/username" for this
>>>> attribute seems to work (of course you must set up your LDAP to have
>>>> this attribute).
>>>>
>>>> Is this allowed to do? It looks like a nice feature if you have lots of
>>>> users.
>>>
>>> Yes!
>>> Just make sure, the permissions are correct, i.e. the webserver user
>>> must be
>>> able to read and write.
>>
>> Thank you for your response. This is very nice. I tested a bit, and
>> noted, that "files_external" and "files_version" are created in BOTH
>> "data/USERNAME" and in the directory given by LDAP attribute for home
>> dir, however the directories in "data/USERNAME" never seem to be used.
>> Is it correct to say that this is a bug in 4.5 that is harmless? So is
>> it ok to go ahead and use this advanced feature in LDAP?
>
> Yes, this is rather a bug. Would you mind creating a bug report for each
> files_version and files_external here
> https://github.com/owncloud/core/issues ?

I'll do that.

>> Related to this: can you later on relocate the user home dir in the
>> filesystem and change the value of the LDAP attribute accordingly
>> without OC complaining? That would be VERY nice even if you are not
>> allowed to change the username!
>
> Theoretically yes. But.
> a) you need to copy the data manually. ownCloud will not move things around

of course

> b) since 4.5 LDAP remembers the path for each user and won't change it
> to avoid finding empty folders. However, this is kind of stupid, as it
> hinders admins to manager their systems. I intend to remove it again.

That would be nice, indeed.

>> One more thing: it is rather awkward that you are not allowed to have
>> accented characters in user and group names. Are there any plans in the
>> future to introduce additional LDAP attributes for user and group names
>> with accented chars that are only _displayed_ for the users?
>
> For ownCloud 5.0 we will have lovely User Names. Not so for group names,
> however.

The user names are the most important. Thank you!

						Yours: Laszlo
>
> Cheers
> Arthur
>
>>
>>                          Yours: Laszlo




More information about the Owncloud mailing list