LDAP doesn't work with group restriction


I have Nextcloud up and running and it works well unless I limit user access to those belonging to certain groups, which is our desired config.

If I don’t specify any groups, The LDAP query returns 232 users. We only want 30 people using this so I try to limit access by adding groups to “Only from these groups”. As soon as I add a group, the query returns 0 users.

I can get around this by making these groups the Primary Active Directory group for it’s members but that creates other issues.

Is there a way to have Nextcloud populate its users by AD group membership without having to make those groups the primary group of its members?

Hi Curt!

I am having the save problem with Nextcloud 16. Have you resolved it at all?


Hi Yerbol

There is no way around it. If you want to restrict users by AD group membership, that group must be the person’s primary group. It’s a Linux thing.

I think it is possible, I had the same issue, found the solution here: