I am trying to setup LDAP authentication for Nextcloud, which is working fine for a smaller group.
But if I try to add bigger LDAP groups (i.e. group with more than 12000 users), then it works for some users but not for all of them.
So, my question is do I need to write a different type of query in LDAP configurations or do some change in the code on the Nextcloud server?
Thanks in advance
Is there anything in the Nextcloud logs when it doesn’t work?
I tried looking into nextcloud.log. But there isn’t anything (i.e. I can’t find anything relevant tot he username or the user id) but on the Logging tab I can see the folloiwng log:
"F4XXXXXX-5XXX-49XX-XX2-2XXXXXXX is not a valid user anymore"
But on the server when I search for username using OCC command, I can see that the user exsists.
sudo -u www-data php /var/www/nextcloud/occ ldap:search "USERNAME"
USERNAME ( F4XXXXXX-5XXX-49XX-XX2-2XXXXXXX)
It sounds like some users are present on the Nextcloud server, and others are not. You can try using
ldap:show-remnants to show which users are still present in Nextcloud, and
ldap:check-user to see which users are available in LDAP (taken from here).
The issue is fixed now
Actually all the users were present in Nextcloud, that is why is was getting the response back when I was using OCC command to query a particular user.
Anyways, the fix was to edit the Access.php file under /var/www/nextcloud/apps//user_ldap/lib/Access.php.
The paging file was set to 500, so I bumped it to 5000 and then 500,000. Which did the trick eventually.
Thanks a lot for looking into this.