How to disabling LDAP-user accounts (shadowExpire class)?

Hi everybody,

I am trying to manage the accounts of Nextcloud with the module LDAP. The schemas used are the following :

  • inetorgPerson
  • top
  • posixAccount
  • shadowAccount,

All the things work well excepted that I would like to disable the LDAP’s users having an expired account, ie when the shadowExpire LDAP attribute is out (for example shadowExpire=0).

I think it is possible to do this with an adequate filter for user LDAP but I don’t succeed in.

Have you ever tried it ? Or how do you manage expired users with LDAP ?

Best regards,


Nextcloud version (eg, 18.0.2): 18.0.3
Operating system and version (eg, Ubuntu 20.04): Debian 10
Apache or nginx version (eg, Apache 2.4.25): Apache 2.4.25
PHP version (eg, 7.1): 7.3