Ldap homeDirectory users cant create files

permission_setting
ldap
#1
Support intro

Sorry to hear you’re facing problems :slightly_frowning_face:

help.nextcloud.com is for home/non-enterprise users. If you’re running a business, paid support can be accessed via portal.nextcloud.com where we can ensure your business keeps running smoothly.

In order to help you as quickly as possible, before clicking Create Topic please provide as much of the below as you can. Feel free to use a pastebin service for logs, otherwise either indent short log examples with four spaces:

example

Or for longer, use three backticks above and below the code snippet:

longer
example
here

Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can :heart:

Nextcloud version (eg, 12.0.2): 15.0.7
Operating system and version (eg, Ubuntu 17.04): Arch Linux
Apache or nginx version (eg, Apache 2.4.25): 1.14.2
PHP version (eg, 7.1): 7.3.4

The issue you are facing:

Users that are logging in from ldap can’t create files inside their homeDirectory.
Also unless I create files and sorts inside homeDirectory nextcloud just crashes
Is this the first time you’ve seen this error? (Y/N): yes

Steps to replicate it:

  1. use ldap as backend or use users from PAM
  2. logging as ldap user
  3. see

The output of your Nextcloud log in Admin > Logging:

PASTE HERE

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

<?php
$CONFIG = array (
  'datadirectory' => '/var/lib/nextcloud/data',
  'instanceid' => '22222',
  'appstoreenabled' => false,
  'cache_path' => '/var/lib/nextcloud/cache',
  'passwordsalt' => 'RLY'
  'secret' => 'RLY'  'trusted_domains' => 
  array (
    0 => 'RLY',
  ),
  'dbtype' => 'pgsql',
  'version' => '15.0.7.0',
  'overwrite.cli.url' => 'https://cloud.thaodan.de',
  'dbname' => 'nextcloud',
  'dbhost' => '/run/postgresql',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'nextcloud',
  'dbpassword' => 'FIXME,
  'installed' => true,
  'ldapIgnoreNamingRules' => true,
  'ldapProviderFactory' => 'OCA\\User_LDAP\\LDAPProviderFactory',
'log_type' => 'systemd,
'loglevel' => 1,
'log_query'

How can I make my logs anonymous?
Without shoving server/ldap data?

Finally should /home/$USER by owned by nextcloud or the user?

#2

To answer my own question: nextcloud checks if the group of a file is his main group and thinks it can’t write it if its not the main group of the nextcloud user is.
A bit of background:
I use the group users to share data between users on my server.
I put nextcloud in the users group in addition to the nextcloud main group.
Now that nextcloud belongs to users as main group it works.

1 Like