[Owncloud] Antwort: Re: two LDAP backends: duplicate user accounts

Sven Ehret sven.ehret at comdok.de
Thu Oct 31 11:33:19 UTC 2013

thanks! You mean, you introduced a custom LDAP attribute and specified it 
in the filter?

Best, Sven

Von:    Erwin Rennert <rennert at zsi.at>
An:     owncloud at kde.org
Datum:  31.10.2013 10:49
Betreff:        Re: [Owncloud] two LDAP backends: duplicate user accounts
Gesendet von:   owncloud-bounces at kde.org

We do not permit all our OpenLDAP-Users to access Owncloud; so we have a 
user list filter "hihoAllowOwncloud=TRUE"

If you only have the occasional double user, disabling this manually 
should do the trick.


On 10/31/2013 08:34 AM, Sven Ehret wrote:
> Hello List!
> We are using Owncloud version 5.0.12 on Ubuntu 12.04.3 and maintain two
> separate LDAP directories for a customer:
> 1. MS Active Directory and
> 2. OpenLDAP.
> Both directories are configured in Owncloud. Hooray for being able to
> configure multiple LDAP backends! As User Login and User List filter, I
> setup group memberships in both cases:
> 1. MS Active Directory:
>   * User Login Filter:
>     (&(sAMAccountName=%uid)(objectClass=person)(memberOf=<a specific
>     group>))
>   * User List Filter: memberOf:1.2.840.113556.1.4.1941:=<a specific 
> 2. OpenLDAP:
>   * User Login Filter: uid=%uid
>   * User List Filter: objectClass=posixAccount
> That way, users from both directories can log on to Owncloud, which is
> fantastic.
> Now, it is not uncommon that some users are in /both/ directories. This
> results in lack of clarity /which/ account is effective for OC logons.
> Furthermore, when data shall be shared with one of these users, they do
> appear /twice/ in the sharing list and it is not clear which user is the
> active one.
> First I thought that this would be easy to fix: Just remove the user
> from the Active Directory group that is special for Owncloud logons.
> However, this is not effective as a removal of the account from this
> group does not seem to change anything in Owncloud.
> Does anybody have an idea what could be done to clean this up? This
> really is frustrating and a show stopper for some of those users. Thank
> you for reading!
> Best, Sven. !DSPAM:5272083b148721225111392!
> _______________________________________________
> Owncloud mailing list
> Owncloud at kde.org
> https://mail.kde.org/mailman/listinfo/owncloud
> !DSPAM:5272083b148721225111392!

Erwin Rennert, IT Services
Center for Social Innovation

A-1150 Wien, Linke Wienzeile 246
Austria, Europe

Phone: ++43-1-495 04 42 - 61
Facsimile: ++43-1-495 04 42 - 40

Owncloud mailing list
Owncloud at kde.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/owncloud/attachments/20131031/2e5c99a9/attachment.html>

More information about the Owncloud mailing list