[Owncloud] AD : How to restrict access to someuser
Holger Angenent
h_zimm01 at uni-muenster.de
Thu Jan 17 09:48:16 UTC 2013
Hi,
I use the same setting and for me, it works.
My configuration is:
Host: hostname_of_domaincontroller
Base-DN: OU=Project-Users,DC=domain,DC=de
User-DN: CN=username,OU=Admins,DC=domain,DC=de
User-Login-Filter:
(&(&(sAMAccountName=%uid)(objectClass=user))(memberOf=CN=u0zivmit,OU=Projekt-Gruppen,DC=domain,DC=de))
User-List-Filter: memberOf=CN=u0zivmit,OU=Project-Groups,DC=domain,DC=de
Group Filter: empty
Advanced:
Group Member association: member(AD)
User Display Name Field: cn
Group Display Name Field: cn
As far as I can see it, you need both the User-Login-Filter and
User-List-Filter. The former to restrict the other users from logging
in, the latter to get the right user list in the user administration menu.
Best regards,
Holger
Am 17.01.2013 10:31, schrieb MOKRANI Rachid:
> Hi,
>
> OwnCloud = v 4.5.4
>
> I have AD W2003 with more than 1000 users. I would like to restrict OwnCloud access to some users only, but no luck.
>
> My domain = exemple.com
> I have an OU "DIR" with all my users (more than 1000 users).
> In the OU "DIR" I have différent groups. (Group1 - Group2 - Group3 ....)
>
> I created a new OU ine the Base DN = "OwnCloudAccess"
> In this new OU I created a new group "OwnCloudGroup" and add 10 users.
>
>
> But no luck, all users can always connect....
>
>
> My conf.
>
> LDAP Basic
> Host = my_hostname.exemple.com
> Base DN = DC=exemple,DC=com
> User DN = cn=adminad,ou=DIR,dc=exemple,dc=com
> Password = adminad user password
> User Login Filter = sAMAccountName=%uid
> User List Filter = (&(memberOf=OU=OwnCloudAcess,CN=OwnCloudGroup,DC=exemple,DC=com))
> Group Filter = (&(memberOf=OU=OwnCloudAcess,CN=OwnCloudGroup,DC=exemple,DC=com))
>
>
>
> Advanced
> Base User Tree= OU=DIR,DC=exemple,DC=com
> Base Group Tree = OU=OwnCloud,DC=exemple,DC=com
> Group-Member association = member (AD)
> User Display Name Field = sAMAccountName
> Group Display Name Field = sAMAccountName
>
>
> Any help about the good config ?
>
> Best regards.
> __________________________
> Avant d'imprimer, pensez à l'environnement ! Please consider the environment before printing !
> Ce message et toutes ses pièces jointes sont confidentiels et établis à l'intention exclusive de ses destinataires. Toute utilisation non conforme à sa destination, toute diffusion ou toute publication, totale ou partielle, est interdite, sauf autorisation expresse. IFP Energies nouvelles décline toute responsabilité au titre de ce message. This message and any attachments are confidential and intended solely for the addressees. Any unauthorised use or dissemination is prohibited. IFP Energies nouvelles should not be liable for this message.
> __________________________
>
> _______________________________________________
> Owncloud mailing list
> Owncloud at kde.org
> https://mail.kde.org/mailman/listinfo/owncloud
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4967 bytes
Desc: S/MIME Kryptografische Unterschrift
URL: <http://mail.kde.org/pipermail/owncloud/attachments/20130117/4960789f/attachment.bin>
More information about the Owncloud
mailing list