[Owncloud] OC5: LDAP Users<-> Group association don't work

Tornóci László tornoci.laszlo at med.semmelweis-univ.hu
Sun Mar 24 18:22:42 UTC 2013


Hi Pierre,

On 03/24/2013 02:57 PM, Pierre Malard wrote:
> Thanks
>
> I could be a well known user if I follow up! ;-)
>
> Now, I can have relation between users and group :-). My ownCloud profile is as this:
> The user OC configuration:
>   User Login Filter: uid=%uid
>   User List Filter: (&(objectClass=qmailuser)(accountStatus=active))
>   User Display Name Field: mail		(<< last good modification)
> And this "User List Filter" with this specific rule:
> 	(&(objectClass=qmailuser)(accountStatus=active))
>
> The group OC configuration is absolutely nominal:
>   Group Filter: objectClass=posixGroup
>   Group Display Name Field: cn
>   Group-Member association: memberUid
> The LDAP which is used is on nis.schema (uidMember, gidMember, …)
>
> I have modified our "ou=Group" LDAP table as this:
>    dn: cn=<Group_Name>, ou=Group, dc=MyLDAP,dc=Domain
>    gidNumber:
>    description: <Group_Name>
>    objectClass: posixGroup
>    objectClass: top
>    memberUid: eMail at Domain		(<< last good modification)
>    ....................
>    cn: <Group_Name>
>
> The email field on "memberUid" corresponds with the one stored in ownCloud MySQL LDAP users table (oc_ldap_user_mapping).
>
> So, now, we have an automatic relation between users and group :-)
Very good!

>
> BUT, my problem is not closed!
>
> As I still have a generated UUID as "owncloud_name" in "oc_ldap_user_mapping" MySQL table, the owncloud user's home directory is named with this UUID and not the email address as it was with OC 4.5.7!
> So, if I "update" our owncloud 4.5.7 service, all our users will lose their files because they are not in the good owncloud "data" folder...

You can specify an LDAP attribute to define the home path of the users:
http://doc.owncloud.org/server/5.0/admin_manual/configuration/auth_ldap.html

See under "Special attributes" it is called "User Home Folder Naming 
Rule". You can set this to whatever you like (you probably want to set 
it to 'mail').

> Even though all LDAP users are now listed on "oc_ldap_user_mapping" MySQL LDAP users table, I can't display all of them in the administrative windows of ownCloud interface. As is, I can't modify their properties!
> The display is still limited to 30 entries and I have this message in "owncloud.log" file:
> {"app":"user_ldap","message":"Paged search failed :(","level":1,"time":1364133108}
> {"app":"user_ldap","message":"No paged search for us, Cpt., Limit 10 Offset 12","level":1,"time":1364133108}
>
> If you have a solution?

I don't know how the code may have changed between 4.5.x and 5.0, but it 
is possible that paged search has been introduced in 5.0. That means you 
ask for the results from the LDAP server in smaller chunks (pages), 
rather than having it all at once. I guess not all LDAP servers support 
paged search, or at least you have to change the config of the LDAP 
server to support it. You should check the docs of your LDAP server.

						Yours: Laszlo

>
> Cheers
>
> PS:
> In our owncloud 4.5.7 service, which is now in production, the LDAP users <-> Group relation works perfectly and, with the same owncloud LDAP profile, the "mail" LDAP field is really used by ownCloud as "owncloud_name". So the "data" users folder is named by their "mail" address.
>
> On 24 March 2013 at 11:37, Tornóci László <tornoci.laszlo at med.semmelweis-univ.hu> wrote:
>
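
The server-side check suggested in the reply above, as an added example that is not part of the original message or of ownCloud's code: an LDAP server that supports paged search advertises the Simple Paged Results control (RFC 2696, OID 1.2.840.113556.1.4.319) in the `supportedControl` attribute of its rootDSE. The sample LDIF, the host name in the comment and the function names are constructed for illustration.

```python
import base64

# OID of the Simple Paged Results control (RFC 2696).
PAGED_RESULTS_OID = "1.2.840.113556.1.4.319"

# Constructed rootDSE output, e.g. as returned by (host is a placeholder):
#   ldapsearch -x -LLL -H ldap://ldap.example.org -s base -b "" \
#       supportedControl supportedLDAPVersion
ROOT_DSE_WITH_PAGING = """\
dn:
supportedControl: 2.16.840.1.113730.3.4.18
supportedControl: 1.2.840.113556.1.4.
 319
supportedLDAPVersion: 3
"""
ROOT_DSE_WITHOUT_PAGING = """\
dn:
supportedControl: 2.16.840.1.113730.3.4.18
supportedLDAPVersion: 3
"""


def parse_ldif_entry(ldif_text):
    """Parse one LDIF entry into {lowercased attribute: [values]}."""
    unfolded = []
    for line in ldif_text.splitlines():
        if line.startswith(" ") and unfolded:
            unfolded[-1] += line[1:]  # folded line: drop the single leading space
        elif line:
            unfolded.append(line)
    entry = {}
    for line in unfolded:
        name, sep, rest = line.partition(":")
        if line.startswith("#") or not sep:
            continue  # skip comments and anything that is not "attr: value"
        if rest.startswith(":"):  # "attr:: <base64>"
            value = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
        else:
            value = rest.strip()
        entry.setdefault(name.lower(), []).append(value)
    return entry


def supports_paged_results(root_dse_ldif):
    """True if the rootDSE advertises the Simple Paged Results control."""
    return PAGED_RESULTS_OID in parse_ldif_entry(root_dse_ldif).get("supportedcontrol", [])


if __name__ == "__main__":
    for label, ldif in (("with", ROOT_DSE_WITH_PAGING), ("without", ROOT_DSE_WITHOUT_PAGING)):
        print(label, "paging control:", supports_paged_results(ldif))
```
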




