Nextcloud version: 19.0.4
Operating system and version: Debian 10.6
Apache 2.4.38-3+deb10u4
PHP version: 7.3
LDAP Server: samba 2:4.9.5+dfsg-5+deb10u1
I have made a successful ldap configuration. Counting groups and users gives the expected results. I have some earlier users, also ldap, which work fine. A user I added lately to the group which I pull can be tested (“LDAP / AD Integration”) and the test is successful. When I go to the contacts icon in the top right, (second icon from the right) he is shown in the dropdown list. He can log on and has a data directory. However:
- I cant share a folder with that user. It is not offered in the list. All other users are available. I tried GUID, name, samAccountName, single letters, global search. Nothing.
- He is not listed in the user page (top right icon, “Users”). Not in any group, not in “Everyone” (actually no ldap user is), but also not in the ldap groups which are listed and contain the older existing users.
What I tried:
- restart apache, host.
- clean up with occ ldap:show-remnants and user:delete; there were many leftovers from trying different groups
- ldap expert settings “nested groups” (which resulted in entirely empty ldap groups, so I switched back, but that is a different issue)
The search filter for users looks like:
(&(|(objectclass=user))(|(|(memberof=CN=Nextcloud_user,OU=Ref16,OU=COMP-Groups,DC=our,DC=domain)(primaryGroupID=5261))))
(Like I wrote, it works fine when I enumerate users in the LDAP configuration.)
How could I debug the LDAP search further, find out what’s wrong?
Thanks in advance for everyone with some help or insight.