[Owncloud] two LDAP backends: duplicate user accounts

Sven Ehret sven.ehret at comdok.de
Thu Oct 31 07:34:46 UTC 2013


Hello List!

We are using Owncloud version 5.0.12 on Ubuntu 12.04.3 and maintain two 
separate LDAP directories for a customer:
1.      MS Active Directory and
2.      OpenLDAP.
Both directories are configured in Owncloud. Hooray for being able to 
configure multiple LDAP backends! As User Login and User List filter, I 
setup group memberships in both cases:

1.      MS Active Directory:
User Login Filter: (&(sAMAccountName=%uid)(objectClass=person)(memberOf=<a 
specific group>))
User List Filter: memberOf:1.2.840.113556.1.4.1941:=<a specific group>
2.      OpenLDAP:
User Login Filter: uid=%uid
User List Filter: objectClass=posixAccount

That way, users from both directories can log on to Owncloud, which is 
fantastic.

Now, it is not uncommon that some users are in both directories. This 
results in lack of clarity which account is effective for OC logons. 
Furthermore, when data shall be shared with one of these users, they do 
appear twice in the sharing list and it is not clear which user is the 
active one.

First I thought that this would be easy to fix: Just remove the user from 
the Active Directory group that is special for Owncloud logons. However, 
this is not effective as a removal of the account from this group does not 
seem to change anything in Owncloud.

Does anybody have an idea what could be done to clean this up? This really 
is frustrating and a show stopper for some of those users. Thank you for 
reading!

Best, Sven.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/owncloud/attachments/20131031/5468594a/attachment.html>


More information about the Owncloud mailing list