You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Although it has its limitations - what plugin doesn't have - it is fairly usable.
The biggest issue for me (besides everything related to placeholders vs API deficiencies as described in #122) is group creation.
I use this schema for Nextcloud's user and group objects. Furthermore I add uidObject objectClass to all groups, so they have uid field, which is used in their dn. This makes the following Nextcloud LDAP configuration possible:
I filter LDAP groups in Nextcloud based on objectClass=NextcloudGroup
I set groups' displayName to cn, which possibly contain non-ASCII chars (as I manage a Nextcloud instance for Hungarian members)
I set groups' UUID to uid which is all lowercase ASCII (and practically the English equivalent of displayName-giving cn)
Now, group creation with this setup - obviously - fails.
Groups created through Nextcloud are added to LDAP, but they are not found and parsed back (Nextcloud reports group creation failed) because:
they don't get the NextcloudGroupobjectclass
they don't get the uidObject objectclass, so they cannot get the uid attribute, even if creation would take my LDAP group UUID settings into account.
This could be mostly fixed with a similar template editor as given for user creation.
I'd add these two objectClasses to the template, set uidandcn to groupName supplied by Nextcloud. I'd still have to change cn in LDAP later, but the non-technical board members of the NPO (for which this Nextcloud is set up) could create the groups without me, and I could "re-displayName" them when I have the time...
The text was updated successfully, but these errors were encountered:
Hi, and thanks for the plugin!
Although it has its limitations - what plugin doesn't have - it is fairly usable.
The biggest issue for me (besides everything related to placeholders vs API deficiencies as described in #122) is group creation.
I use this schema for Nextcloud's user and group objects. Furthermore I add
uidObjectobjectClass to all groups, so they haveuidfield, which is used in theirdn. This makes the following Nextcloud LDAP configuration possible:objectClass=NextcloudGroupcn, which possibly contain non-ASCII chars (as I manage a Nextcloud instance for Hungarian members)uidwhich is all lowercase ASCII (and practically the English equivalent of displayName-givingcn)Now, group creation with this setup - obviously - fails.
Groups created through Nextcloud are added to LDAP, but they are not found and parsed back (Nextcloud reports group creation failed) because:
NextcloudGroupobjectclassuidObjectobjectclass, so they cannot get theuidattribute, even if creation would take my LDAP group UUID settings into account.This could be mostly fixed with a similar template editor as given for user creation.
I'd add these two objectClasses to the template, set
uidandcnto groupName supplied by Nextcloud. I'd still have to changecnin LDAP later, but the non-technical board members of the NPO (for which this Nextcloud is set up) could create the groups without me, and I could "re-displayName" them when I have the time...The text was updated successfully, but these errors were encountered: