How control what admins is visable under integrety?

Nextcloud version (eg, 20.0.5): 22
Operating system and version (eg, Ubuntu 20.04): RHEL/Openshift
Apache or nginx version (eg, Apache 2.4.25): N/A
PHP version (eg, 7.4): N/A

The issue you are facing:
Under a users menu item, Privacy, on bottom of that page there is a section where it says:
Who has access to your data?
And a list of atleast the “super”-admins.

Two questions, we are doing, for us, a huge installation (approx 14 000 users) so there will be a few admins… 12 atm. This will be crazy.
How can I control this behavior?
I have read the documentation and I cannot find any info about this.

Also HOW can a superadmin access my data?

Superadmins host your data, so they have access to them. If you want fully control your own data, you should host them by yourself so you’re the only one superadmin.

You’re missing my point. This is a company install.
As I said there is 14 000 users approx.
Big installations have to have handle this before.

I understand. Even with fully encrypted files, superadmins can always decrypt them as far as I know.

Hi @mattiash

You can maybe use more group admins to limit the number of Superadmins. Superadmins will always be able to see everything otherwise they wouldn’t be Superadmins :wink: Also the Linux server admins or database admins will be able to access the data too, if they wanted to. At the end of the day, you just have to trust a certain number of people.

However, I agree with you that Nextcloud, compared to other applications, does not offer too many possibilities to control admin permissions in a fine-grained way. There are simple blog or wiki software products out there that have more sophisticated permission management features than Nextcloud :wink:

Are you looking for a way to hide this message or to actualy change the admin permissions? :wink:

Maybe the following links will help you…

Users and permissions:

https://docs.nextcloud.com/server/latest/admin_manual/configuration_user/user_configuration.html

https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/admin_delegation_configuration.html

https://docs.nextcloud.com/server/latest/admin_manual/file_workflows/access_control.html

Audit / Logging:

https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/logging_configuration.html

https://portal.nextcloud.com/article/using-the-audit-log-44.html

The link about the audit_log app leads to the customer portal of Nextcloud GmbH and I did not find anything in the public docs. Maybe you should seriously consider signing a support contract with the Nextcloud GmbH anyways. I mean a user forum is probably not the right place to get adequate support for a company with 14’000 employees and relatively high requirements for data security…!?

1 Like

Thank for your answer!
I know that the use forums isn’t the rigth place, I am on my way into a new position handling NC for this company and thougth I would do some magic before and hit the ground running.