LDAP group filtering does not work on SMB/CIFS external storage

Hi there,

I have defined SMB/CIFS external storages for Samba users.

These users may belong to several samba groups.

So my goal is to enable visibility to samba shares for each user according to his group membership.

When I grant “group1” visibility to “smb_share1” it does not work if the user is not a member ou the SAMBASHAREGROUP

For instance, let’ define:

on Samba:


    "user1" is a LDAP member of "group1"
    "user2" is a LDAP member of "group2"

    "group1" is granted Read/Write privileges on share "my_shared_space"
    "group2" has no access to "my_shared_space"

on Nextcloud:

    "my_shared_space" is set as SMB/CIFS external share with visibility granted to "group1"


when logged in Nextcloud, "user1" does not see "my_shared_space"

When setting “not group” (means visibility to ALL):

"user1" does have access to "my_shared_space" as expected
"user2" has also visibility on "my_shared_space"
"my_shared_space" appears red colored to "user2" since the mount cannot be achieved (user2 has no grant)

But my goal is:
display “my_shared_space” only to granted users i.e. “group1” members

My current Nextcloud config:

Nextcloud: 13.0.1
LDAP user and group backend: 1.3.1
External storage support: 1.4.1