Server configuration detail
Operating system: Linux 5.15.0-136-generic #147-Ubuntu SMP Sat Mar 15 15:53:30 UTC 2025 x86_64
Webserver: Apache/2.4.52 (Ubuntu) (fpm-fcgi)
Database: mysql 10.6.21
PHP version: 8.1.2-1ubuntu2.21
Modules loaded: Core, date, libxml, openssl, pcre, zlib, filter, hash, json, Reflection, SPL, session, standard, sodium, cgi-fcgi, mysqlnd, PDO, xml, apcu, bcmath, bz2, calendar, ctype, curl, dom, mbstring, FFI, fileinfo, ftp, gd, gettext, gmp, iconv, igbinary, imagick, imap, intl, ldap, exif, msgpack, mysqli, pdo_mysql, Phar, posix, readline, redis, shmop, SimpleXML, sockets, sysvmsg, sysvsem, sysvshm, tokenizer, xmlreader, xmlwriter, xsl, zip, memcached, Zend OPcache
Nextcloud version: 31.0.4 - 31.0.4.1
Updated from an older Nextcloud/ownCloud or fresh install:
Where did you install Nextcloud from: unknown
Signing status
List of activated apps
Enabled:
- activity: 4.0.0
- admin_audit: 1.21.0
- admin_notifications: 1.0.2
- announcementcenter: 7.1.1
- app_api: 5.0.2
- apporder: 0.15.0
- bruteforcesettings: 4.0.0
- comments: 1.21.0
- contactsinteraction: 1.12.0
- dashboard: 7.11.0
- files_accesscontrol: 2.0.0
- files_automatedtagging: 2.0.0
- files_downloadlimit: 4.0.0
- files_pdfviewer: 4.0.0
- files_reminders: 1.4.0
- files_retention: 2.0.1
- files_sharing: 1.23.1
- files_trashbin: 1.21.0
- files_versions: 1.24.0
- group_default_quota: 0.1.11
- groupfolders: 19.0.4
- groupquota: 0.2.2
- impersonate: 2.0.0
- mail: 5.0.2
- metadata: 0.22.0
- nextcloud_announcements: 3.0.0
- notifications: 4.0.0
- password_policy: 3.0.0
- photos: 4.0.0-dev.1
- privacy: 3.0.0
- quota_warning: 1.21.0
- recommendations: 4.0.0
- related_resources: 2.0.0
- serverinfo: 3.0.0
- sharebymail: 1.21.0
- side_menu: 5.0.1
- support: 3.0.0
- survey_client: 3.0.0
- systemtags: 1.21.1
- text: 5.0.0
- theming_customcss: 1.18.0
- updatenotification: 1.21.0
- user_ldap: 1.22.0
- user_retention: 1.14.0
- webhook_listeners: 1.2.0
- workflow_script: 2.0.0
Disabled:
- circles: 24.0.0
- encryption
- federation: 1.14.0
- files_antivirus: 6.0.0
- files_external
- files_rightclick: 1.6.0
- firstrunwizard: 2.13.0
- geoblocker: 0.5.16
- ldap_contacts_backend: 1.11.0
- logreader: 2.13.0
- suspicious_login
- testapp: 1.0.0
- twofactor_nextcloud_notification
- twofactor_totp
- user_status: 1.4.0
- weather_status: 1.4.0
- webhookapp: 1.0.0
Configuration (config/config.php)
{
"instanceid": "***REMOVED SENSITIVE VALUE***",
"passwordsalt": "***REMOVED SENSITIVE VALUE***",
"secret": "***REMOVED SENSITIVE VALUE***",
"trusted_domains": [
"bulut.yasar.com.tr",
"172.17.1.53",
"127.0.0.1",
"localhost",
"yasar.com.tr",
"10.65.8.100"
],
"datadirectory": "***REMOVED SENSITIVE VALUE***",
"dbtype": "mysql",
"version": "31.0.4.1",
"overwrite.cli.url": "https:\/\/bulut.yasar.com.tr",
"overwrite.host": "bulut.yasar.com.tr",
"overwrite.protocol": "https",
"dbname": "***REMOVED SENSITIVE VALUE***",
"dbhost": "***REMOVED SENSITIVE VALUE***",
"dbport": "",
"dbtableprefix": "oc_",
"mysql.utf8mb4": true,
"dbuser": "***REMOVED SENSITIVE VALUE***",
"dbpassword": "***REMOVED SENSITIVE VALUE***",
"installed": true,
"default_phone_region": "TR",
"default_language": "tr",
"default_locale": "tr_TR",
"force_locale": "tr_TR",
"force_language": false,
"available_languages": [
"tr",
"en"
],
"maintenance": false,
"maintenance_window_start": 1,
"updater.release.channel": "stable",
"memcache.local": "\\OC\\Memcache\\Redis",
"memcache.locking": "\\OC\\Memcache\\Redis",
"filelocking.enabled": "true",
"filesystem_check_changes": 1,
"redis": {
"host": "***REMOVED SENSITIVE VALUE***",
"port": 6379,
"timeout": 0
},
"htaccess.RewriteBase": "\/",
"ldapIgnoreNamingRules": false,
"ldapUserCleanupInterval": 51,
"ldapBackgroundSyncInterval": 60,
"remember_login_cookie_lifetime": 86400,
"session_lifetime": 7200,
"session_keepalive": true,
"auto_logout": true,
"auth.webauthn.enabled": false,
"trashbin_retention_obligation": "auto,7",
"enable_avatars": false,
"enable_previews": true,
"profile.enabled": false,
"allow_user_to_change_display_name": false,
"allow_user_to_change_mail_address": false,
"theme": "",
"lost_password_link": "disabled",
"defaultapp": "files",
"knowledgebaseenabled": false,
"mail_from_address": "***REMOVED SENSITIVE VALUE***",
"mail_smtpmode": "smtp",
"mail_sendmailmode": "smtp",
"mail_domain": "***REMOVED SENSITIVE VALUE***",
"mail_smtphost": "***REMOVED SENSITIVE VALUE***",
"mail_smtpport": "25",
"log_type": "file",
"syslog_tag": "nextcloud",
"logfile": "\/data\/nextcloud.log",
"loglevel": 2,
"logdateformat": "d.m.Y, H:i:s",
"logtimezone": "Europe\/Istanbul",
"log.condition": {
"apps": [
"admin_audit",
"files",
"dav",
"core",
"encryption"
]
},
"log_type_audit": "syslog",
"syslog_tag_audit": "nextcloud",
"logfile_audit": "",
"app_install_overwrite": [
"group_default_quota",
"impersonate",
"apporder",
"webhooks",
"adwelcomemail",
"admin_notifications"
],
"connectivity_check_domains": [
"www.startpage.com",
"www.eff.org"
],
"activity_webhook": "https:\/\/bulut.yasar.com.tr\/nextcloud-webhook.php",
"allow_local_remote_servers": true,
"appstoreenabled": true,
"skeletondirectory": "\/var\/www\/custom_skeleton",
"templatedirectory": "",
"ldapProviderFactory": "OCA\\User_LDAP\\LDAPProviderFactory",
"impersonate_include_groups": [],
"blacklisted_files": [],
"files.chunked_upload.max_size": 20971520
}
Cron Configuration:
Mode: cron Last: 2025-05-02T11:40:02+00:00 (121 seconds ago)
External storages: files_external is disabled
Encryption: no
User-backends:
- OC\User\Database
- OCA\User_LDAP\User_Proxy
Subscription:
- No valid subscription key set
Browser: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Setup checks
security
- PHP version: You are currently running PHP 8.1.2-1ubuntu2.21. PHP 8.1 is deprecated since Nextcloud 30. Nextcloud 32 may require at least PHP 8.2. Please upgrade to one of the officially supported PHP versions provided by the PHP Group as soon as possible.
php
- PHP opcache: The PHP OPcache module is not properly configured. The OPcache interned strings buffer is nearly full. To assure that repeating strings can be effectively cached, it is recommended to apply “opcache.interned_strings_buffer” to your PHP configuration with a value higher than “64”…
LDAP
LDAP configuration
+-------------------------------+---------------------------------------------------------------------------+
| Configuration | s01 |
+-------------------------------+---------------------------------------------------------------------------+
| hasMemberOfFilterSupport | 1 |
| homeFolderNamingRule | attr:sAMAccountName |
| lastJpegPhotoLookup | 0 |
| ldapAdminGroup | |
| ldapAgentName | CN=Otp Check,CN=users,DC=yasar,DC=grp |
| ldapAgentPassword | *** |
| ldapAttributeAddress | |
| ldapAttributeAnniversaryDate | |
| ldapAttributeBiography | |
| ldapAttributeBirthDate | |
| ldapAttributeFediverse | |
| ldapAttributeHeadline | |
| ldapAttributeOrganisation | |
| ldapAttributePhone | |
| ldapAttributePronouns | |
| ldapAttributeRole | |
| ldapAttributeTwitter | |
| ldapAttributeWebsite | |
| ldapAttributesForGroupSearch | |
| ldapAttributesForUserSearch | |
| ldapBackgroundHost | |
| ldapBackgroundPort | |
| ldapBackupHost | 10.40.1.243 |
| ldapBackupPort | 389 |
| ldapBase | DC=yasar,DC=grp |
| ldapBaseGroups | DC=yasar,DC=grp |
| ldapBaseUsers | DC=yasar,DC=grp |
| ldapCacheTTL | 600 |
| ldapConfigurationActive | 1 |
| ldapConnectionTimeout | 15 |
| ldapDefaultPPolicyDN | |
| ldapDynamicGroupMemberURL | |
| ldapEmailAttribute | mail |
| ldapExperiencedAdmin | 0 |
| ldapExpertUUIDGroupAttr | |
| ldapExpertUUIDUserAttr | |
| ldapExpertUsernameAttr | |
| ldapExtStorageHomeAttribute | |
| ldapGidNumber | gidnumber |
| ldapGroupDisplayName | displayname |
| ldapGroupFilter | objectClass=posixGroup |
| ldapGroupFilterGroups | |
| ldapGroupFilterMode | 1 |
| ldapGroupFilterObjectclass | |
| ldapGroupMemberAssocAttr | member |
| ldapHost | 10.40.1.242 |
| ldapIgnoreNamingRules | |
| ldapLoginFilter | (&(samaccountname=%uid)(memberof=cn=bulutusers,cn=users,dc=yasar,dc=grp)) |
| ldapLoginFilterAttributes | |
| ldapLoginFilterEmail | 1 |
| ldapLoginFilterMode | 1 |
| ldapLoginFilterUsername | 1 |
| ldapMatchingRuleInChainState | unknown |
| ldapNestedGroups | 0 |
| ldapOverrideMainServer | |
| ldapPagingSize | 500 |
| ldapPort | 3268 |
| ldapQuotaAttribute | |
| ldapQuotaDefault | |
| ldapTLS | |
| ldapUserAvatarRule | default |
| ldapUserDisplayName | displayname |
| ldapUserDisplayName2 | |
| ldapUserFilter | memberof=cn=bulutusers,cn=users,dc=yasar,dc=grp |
| ldapUserFilterGroups | BulutUsers |
| ldapUserFilterMode | 1 |
| ldapUserFilterObjectclass | person |
| ldapUuidGroupAttribute | auto |
| ldapUuidUserAttribute | auto |
| markRemnantsAsDisabled | 0 |
| turnOffCertCheck | 0 |
| turnOnPasswordChange | 0 |
| useMemberOfToDetectMembership | 1 |
+-------------------------------+---------------------------------------------------------------------------+
+-------------------------------+---------------------------------------------------------------------------+
| Configuration | s03 |
+-------------------------------+---------------------------------------------------------------------------+
| hasMemberOfFilterSupport | 0 |
| homeFolderNamingRule | |
| lastJpegPhotoLookup | 0 |
| ldapAdminGroup | |
| ldapAgentName | CN=Otp Check,CN=users,DC=yasar,DC=grp |
| ldapAgentPassword | *** |
| ldapAttributeAddress | |
| ldapAttributeAnniversaryDate | |
| ldapAttributeBiography | |
| ldapAttributeBirthDate | |
| ldapAttributeFediverse | |
| ldapAttributeHeadline | |
| ldapAttributeOrganisation | |
| ldapAttributePhone | |
| ldapAttributePronouns | |
| ldapAttributeRole | |
| ldapAttributeTwitter | |
| ldapAttributeWebsite | |
| ldapAttributesForGroupSearch | |
| ldapAttributesForUserSearch | |
| ldapBackgroundHost | |
| ldapBackgroundPort | |
| ldapBackupHost | |
| ldapBackupPort | 3268 |
| ldapBase | DC=yasar,DC=grp |
| ldapBaseGroups | DC=yasar,DC=grp |
| ldapBaseUsers | DC=yasar,DC=grp |
| ldapCacheTTL | 600 |
| ldapConfigurationActive | 1 |
| ldapConnectionTimeout | 15 |
| ldapDefaultPPolicyDN | |
| ldapDynamicGroupMemberURL | |
| ldapEmailAttribute | mail |
| ldapExperiencedAdmin | 0 |
| ldapExpertUUIDGroupAttr | |
| ldapExpertUUIDUserAttr | |
| ldapExpertUsernameAttr | |
| ldapExtStorageHomeAttribute | |
| ldapGidNumber | gidnumber |
| ldapGroupDisplayName | cn |
| ldapGroupFilter | objectClass=posixGroup |
| ldapGroupFilterGroups | |
| ldapGroupFilterMode | 0 |
| ldapGroupFilterObjectclass | |
| ldapGroupMemberAssocAttr | |
| ldapHost | 10.96.1.242 |
| ldapIgnoreNamingRules | |
| ldapLoginFilter | (&(samaccountname=%uid)(memberof=cn=bulutusers,cn=users,dc=yasar,dc=grp)) |
| ldapLoginFilterAttributes | |
| ldapLoginFilterEmail | 0 |
| ldapLoginFilterMode | 0 |
| ldapLoginFilterUsername | 1 |
| ldapMatchingRuleInChainState | unknown |
| ldapNestedGroups | 0 |
| ldapOverrideMainServer | |
| ldapPagingSize | 500 |
| ldapPort | 3268 |
| ldapQuotaAttribute | |
| ldapQuotaDefault | |
| ldapTLS | 0 |
| ldapUserAvatarRule | default |
| ldapUserDisplayName | displayname |
| ldapUserDisplayName2 | |
| ldapUserFilter | memberof=cn=bulutusers,cn=users,dc=yasar,dc=grp |
| ldapUserFilterGroups | |
| ldapUserFilterMode | 0 |
| ldapUserFilterObjectclass | |
| ldapUuidGroupAttribute | auto |
| ldapUuidUserAttribute | auto |
| markRemnantsAsDisabled | 0 |
| turnOffCertCheck | 0 |
| turnOnPasswordChange | 0 |
| useMemberOfToDetectMembership | 1 |
+-------------------------------+---------------------------------------------------------------------------+
Summary of the issue you are facing:
I granted Administration privileges to a group (HelpDesk) on Nextcloud from the Users section. They don’t have any issues with adding/removing users or managing quotas, etc. However, they can’t see the user groups that were previously created by root. As root, I want to give HelpDesk group users permission to add/remove users to groups as well. How can I achieve this?
P.S.: My test env. version is 30.0.6 and groups shown correctly
Steps to replicate it (hint: details matter!):
- Login as user
- go to accounts
- No user group shown at left panel