Cannot remove duplicated LDAP user

Nextcloud version (eg, 20.0.5): 25.0.4 AIO
Operating system and version (eg, Ubuntu 20.04): Ubuntu 22.04 / Proxmox

The issue you are facing:

Nextcloud (AIO) is connected to LDAP (Windows AD) → working just fine :slight_smile:
One of the users was deleted in AD (by accident) and recreated from scratch. → New user, new GUID, same name, same email address.

So right now, in Nextcloud this contact is duplicated and this is something that I don’t understand.

When I’m looking for existing users with icon next to avatar:

But I’f I’ll look for users I can see only one with previous GUID

But by going into user profiles I can clearly see that both of them are active.
( - Current one
( - Previously Deleted

This person can log in without issues, but i.e Talk messages are split between those 2 account.

I’ve tried to disable with GUID=D803685F-2F84-4D25-8597-CDFCEFE5222D, but then this person (GUID=7BE765EE-F35C-4C19-B80F-2300E28A1C46) cannot login as account seems to be disabled.

I’ve also tried to change a name and email address in AD for user with GUID=7BE765EE-F35C-4C19-B80F-2300E28A1C46, but this link between accounts was still there…

What I’m struggling is to remove user GUID=D803685F-2F84-4D25-8597-CDFCEFE5222D, while keeping user GUID=7BE765EE-F35C-4C19-B80F-2300E28A1C46 as this user have plenty of calendar entries, tasks and chats already in Nextcloud.

sudo -u www-data php occ ldap:show-remnants doesn’t show D803685F-2F84-4D25-8597-CDFCEFE5222D as deleted user

sudo -u www-data php occ user:delete D803685F-2F84-4D25-8597-CDFCEFE5222D)

Specified users could not be deleted, please check logs

I’m wrong or every new GUID in AD should reflect in creating a new user with corresponding GUID in NC and once user is deleted in AD, shouldn’t this be replicated in NC by removing user altogether?

I really need an assistance here!

Is this the first time you’ve seen this error? (Y/N): Y

Steps to replicate it:

  1. Use LDAP user and group backend app
  2. Connect to Windows AD
  3. Sync users
  4. Delete user in AD (no AD recycle bin)
  5. Recreate user in AD with same data
  6. Check synced users in NC