[user_ldap] populate user profile from LDAP/AD

In Nextcloud Version 27 functionality is added to user_ldap, for importing user profile data from LDAP directory. Here some information about how to use it.

First things first. Please be aware.

  • The user can change the data in profile, but it will get overwritten if changed in LDAP
  • The user can change the visibility scope in profile
  • The default visibility can be adjusted with setting the account_manager.default_property_scope array in config.php
  • If multiple attribute values are present, only the first distributed value is used
  • Having misformatted data in LDAP will most probably leave you with empty user profile fields
  • setting an non-existing attribute name will empty the profile field, for all LDAP users

configure LDAP/AD backend

  1. enable App LDAP user and group backend
  2. configure LDAP/AD integration

user profile data specifics

  1. identify/plan/prepare LDAP attributes to use
  2. populate/update LDAP data
  3. configure LDAP attributes mapping LDAP/AD integration - Advanced Settings - User Profile Attributes

user profile properties data and formatting

  • single values
  • maximum 2048 characters
  • Phone number in international E.164 notation without dashes +[country][area][phone] for example +4966612345678
  • Website with https:// or http:// schema prefix
  • Address is a single line location. For example town, country or somewhere out here. If using postalAddress syntax the dollar will be replaced with comma to ensure single line value.
  • Twitter account name @username (i suggest with leading @)
  • Fediverse account name @username@host.domain (i suggest with leading @)
  • Organisation name e.g. awesome Inc.
  • Role or job title e.g. service desk
  • Headline
  • Biography is multi line value with unix LF line ending.
1 Like