LDAP and Azure SSO

I tried the SSO & SAML (I think this is user_saml?) but it created a new user instead of recognizing the LDAP user is the same account. And the SSO user does not have access to the external storage.
I would be fine with leaving LDAP and only using SSO if I could get the external storage to connect.

I just read this:

The “Log-in credentials, save in database” (what I am using) mechanism uses the Nextcloud login credentials of the user to connect to the storage. These are stored in the database encrypted with the shared secret. This allows to share files from within this mount point.

  • The method cannot be used with SAML/SSO authentication, because Nextcloud does not get a hold of any credentials whatsoever

So maybe this is my problem. I haven’t tried the next option yet:

The “User entered, store in database” mechanism works in the same way as the “Username and password” mechanism but the credentials need to be specified by each user individually. Before the first access to that mount point the user will be prompted to enter the credentials.

If I set the external storage auth to “User entered, store in database”, and they enter the credentials, do you think that would be a safe solution? Or is there a better auth method for my needs?

Thanks.