Well, I have solved my own issues. It appears that at some point the user database got duplicates in it, causing this issue. The steps I took to find/solve the issue:
Show remnants of LDAP users that were deleted:
sudo -u www-data php occ ldap:show-remnants
What I saw was a bunch of users that had two usernames. For example, JSmith and JSmith_1234 where the 1234 was a random number. I have seen this in other posts, such as:
I think something either happened because I had two LDAP servers set up to the same directory or at some point the guy that was the Nextcloud admin before me had started to pull in the whole directory. Also, rather than using the displayName as the UID, I thought it might be better to use the mailNickname. Since I only had 50 users in the system and no real data to speak of, I decided to remove the users, make the changes, remove all the remnants and re-add the users (and data for those that had it).
Change the internal Username Attribute to mailNickname under Expert in LDAP/AD Integration.
Remove a user or group of users from the AD group(s).
Facilitate the changes in Nextcloud by clicking on ‘Verify settings and count users’, then ‘Verify settings and count the groups’, and finally https://nextcloud.mydomain.com/cron.php to force the cron.
Re-run the show-remnants command from above until the user was listed as deleted.
Copy the user data to a temp location in the server and remove the remnants:
cp -rf /var/ncdata/JSmith /var/ncdata/John
sudo -u www-data php occ user:delete JSmith
Add the user to the group(s) in AD, facilitate the changes again.
Have the user log in and log out of Nextcloud… this creates their profile directory again.
Copy the user data back into their directory. The first time, it “didn’t work”, meaning that they could not see their data. This can be achieved by adding a line to your config.php, which I found here:
Data was back, and the user just had to re-share it. Another way to accomplish the data backup and restore was to have the user load the client, sync their data, then go through the deletion process and use the client to push the data back up.
After removing all users from the system, and all the remnants from the extra users (underscore plus four numbers users), and making the UID change, my sharing works the way it did before I started having problems. I also added the second LDAP server as a “Backup (Replica) Host” under LDAP/AD Integration > Advanced > Connection Settings, instead of as a second LDAP server.
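An added example, not part of the original post: a shell check that flags the duplicate pattern described above (JSmith alongside JSmith_1234) before any accounts are deleted. It assumes the user IDs are supplied one per line on stdin, that the suffix is exactly four digits, and that names match case-insensitively; `find_suffixed_dupes` and `sample_ids` are hypothetical names.

```shell
#!/usr/bin/env bash
# Flag user IDs of the form <name>_<4 digits>.
#   DUPLICATE: the un-suffixed <name> also exists (the JSmith / JSmith_1234 case).
#   REVIEW:    no matching base; may be a legitimate ID such as team_2024.
# Assumption: one user ID per line on stdin.

find_suffixed_dupes() {
  awk '
    {
      id = $0
      sub(/^[ \t]+/, "", id); sub(/[ \t\r]+$/, "", id)   # trim whitespace / CR
      if (id == "") next
      ids[tolower(id)] = id      # case-insensitive lookup table
      order[++n] = id            # keep input order for stable output
    }
    END {
      for (i = 1; i <= n; i++) {
        id = order[i]
        if (match(id, /_[0-9][0-9][0-9][0-9]$/)) {
          base = substr(id, 1, RSTART - 1)
          key = tolower(base)
          if (base != "" && (key in ids))
            print "DUPLICATE\t" ids[key] "\t" id
          else
            print "REVIEW\t-\t" id
        }
      }
    }'
}

# Constructed sample input, not taken from a real server.
sample_ids() {
  printf '%s\n' JSmith JSmith_1234 adoe ADoe_0042 team_2024 bob_12 ''
}

sample_ids | find_suffixed_dupes
```

Only the DUPLICATE rows are candidates for the remnant cleanup described in the post; REVIEW rows need a manual look because a four-digit suffix alone does not prove the account is a duplicate.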