We have successfully implemented nextcloud.
Authentication is via Active Directory.
Now we wanted to use the nextcloud app, but the users click on Save Password.
Our password policy is set so that our users have to change the PW every 30 days.
As a result, the users now regularly lock their Active Directory account via the app.
Someone an idea how we can disable the automatic login in the app.
I’m not sure how it works with Active Directory, but for Applications user can generate Application Password in https://..../index.php/settings/user/security. This passowrd is not bounded to normal user password and will be used by application independent of user password change, could be also revoked or file access disabled by user.
You can implement single signon. That way users are authenticated right away. Might not be the case for the app tho. You should deploy the apps with app passwords as said before.
On a side not. Changing passwords every 30 days is really bad practice. It will increase support and it will get the users to use more insecure passwords. You should rather have a secure password policy with long passwords and only change once every 6 or 12 months. Or deploy 2fa and almost never change passwords.
Welcome to the enterprise world… I would also dream about 6 or 12 months periods of password change. And they should not be similar to X last passwords being used… And not shorter then Y+ and different case, digits and some Special Charters… /offtopic