LDAP and data directory for users

twinkybot · June 15, 2020, 3:01pm

Hello,

I have Ubuntu 19.04 LTS and Nextcloud 18.0.6 and corresponding latest apps.

Is there a way to adapt the data directory of a specific user? This user is in LDAP and I had to change the uid and now the folder is wrongly maaped to _2223.

I would like to simply set the data path and maybe even the internal user id back to what it was. The internal user Id is _2223 as well.

Please do not ask how I got there Getting DB Users into LDAP step wise is horrible and somewhere I did something wrong and then the hassle with the apppended number occured.

I followed the steps from here: Migration to LDAP keeping users and data

I did this for one user, actually I created the user in LDAP issued the

delete from oc_users where uid like 'myuser';

for the test user and then logged in. All was good. Calendar, Contacts files.

After that I started with some others and somewhere I must have don something else as the duplicates started popping up. And I cannot get them to merge.

Cheers.

twinkybot · June 15, 2020, 3:35pm

I think I did it. After connecting to the database I issued the following query

update oc_ldap_user_mapping SET owncloud_name = '<uid>' where ldap_dn='uid=<uid>,ou=users,dc=example,dc=com';

and after waiting couple minutes, it seems there is a backround job running, it worked. I did rename the data folder beforehand, though.

twinkybot · June 16, 2020, 11:00am

Please be aware. I think the text in the LDAP App - Expert settings are not explicit enough.
The part stating “Do not use for production” should be bold

I think shared files and folders are broken afterwards. But at least users are in the LDAP now. For home use this is now biggie but for companies I WOULD NOT recommend above procedure.

andrewperry · August 13, 2020, 8:03am

Thanks for this and the warning!

We have been using LDAP from the beginning and now moving to OIDC and it raises some similar issues although OIDC looks to create ‘real’ nextcloud users while LDAP has not been. Logging in with LDAP after logging in with OIDC seems to create a duplicate account now though, but that’s just a warning in case you look to move to OIDC down the track. I will go looking for a solution for that elsewhere.