
List:       owncloud
Subject:    Re: [owncloud-user] LDAP issues
From:       Mark Ziegler <mark.ziegler () rakekniven ! de>
Date:       2016-03-20 17:17:12
Message-ID: 56EEDB18.301 () rakekniven ! de

On 14.03.16 at 00:14, Arthur Schiwon wrote:
> Hi Mark,
>
> I don't have a forum acc, but please find pointers in line to each
> link. Hope that's OK this way.
>
> On Sat, 12 Mar 2016 21:51:11 +0100
> Mark Ziegler <mark.ziegler@rakekniven.de> wrote:
>
>> Hello Arthur,
>>
>>
>> over the last few days we have had a lot of LDAP questions in our forums.
>>
>> Some links:
>> https://forum.owncloud.org/viewtopic.php?f=36&t=34263
> Blank page after login → program error. Should check log, unlikely that
> there is anything wrong with a filter. He does not mention his OC
> version, might be already fixed in current stable release. Otherwise,
> bug report please.
>
>> https://forum.owncloud.org/viewtopic.php?f=38&t=34261
> Woah, too broad :D
> Either he does not know about LDAP, then I recommend the search engine
> of his least mistrust. Otherwise our LDAP Backend doc
> https://doc.owncloud.org/server/8.2/admin_manual/configuration_user/user_auth_ldap.html
>
> Probably it'd be also useful to browse the ownCloud forum on it ;)
>
>> https://forum.owncloud.org/viewtopic.php?f=38&t=34255
> Logs? Cannot login with 500, similar to the first entry.
>
>> https://forum.owncloud.org/viewtopic.php?f=36&t=34221
>>> When a user has changed his LDAP password (i.e. via Windows-account)
>>> then ownCloud will notice this at next login via webinterface and
>>> asks for old and new password. Right?
> Yes.
>
>>> When user has entered old and new password correctly then the users
>>> private key is decrypted with old password and re-encrypted with the
>>> new password. Right?
> Yes.
>
>> https://forum.owncloud.org/viewtopic.php?f=31&t=33464
>>> So what is the best way to make this migration happen and have the
>>> existing users map correctly? My thinking:
> Parse the values in the table "oc_ldap_user_mapping", then add a new
> record using the new DN (from FreeIPA) and existing "owncloud_name"
> UUID.
>
> Insert won't work, due to DB keys. Instead, have a backup and overwrite
> the old DN and the old UUID with current values.
>
>>> Would it be wise/useful to specify the mapping for directory_uuid
>>> with the value from FreeIPA's "ipaUniqueID"?
> Yes. Will affect new users only. Therefore, updating the old users as
> mentioned above is a very good idea.
>
>>> Do any other tables need to be modified?
> No, not as long as the owncloud_username is not changed.
>
>> https://forum.owncloud.org/viewtopic.php?f=38&t=34249
>>> Now I need to migrate local users to use LDAP, so that our ownCloud
>>> users can login with their LDAP credentials. How that can be done?
> There's neither an existing nor a tested solution for it.
>
> As always, have a backup!
>
> Basically he'd configure the LDAP backend, change the owncloud_username
> in the oc_ldap_user_mappings table to the corresponding local user and
> remove the corresponding local users from oc_users table (do not
> delete users from users page as it will delete their files just as
> well).
>
> The "User Home Folder Naming Rule" setting must be left blank, so
> users will keep their directory.
>
> Backup!!!
>
> A test run on a test installation is probably a great idea.
>
>> Hopefully you have a few minutes to have a look.
>> Users would appreciate it.
>>
>> Cheers,
>> Mark
>>
> Cheers
> Arthur
>
Hello Arthur,

just back from a really challenging exhibition *** yawning ***
Thanks for your answers.
Will try to provide feedback to users based on your answers.
It would be really nice if you would create an account on the forums and spend
15 minutes a week on LDAP-related questions.
Users would really appreciate it!

Cheers,
Mark



-- 
	When the sun of aesthetics is low, even the hunchbacks cast long shadows.
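
The mapping rewrite described in the quoted reply for the FreeIPA migration (overwrite the old DN and the old UUID, keep owncloud_name), as an added example that is not part of the original mail or ownCloud's own code. It runs against a constructed SQLite stand-in; the `ldap_dn` column name, the key layout, the helper names and all sample values are assumptions.

```python
import sqlite3

def open_demo_db():
    """Constructed stand-in for oc_ldap_user_mapping (schema is an assumption)."""
    conn = sqlite3.connect(":memory:", isolation_level=None)  # manual transactions
    conn.execute("""CREATE TABLE oc_ldap_user_mapping (
        ldap_dn        TEXT PRIMARY KEY,          -- assumed column name
        owncloud_name  TEXT NOT NULL UNIQUE,
        directory_uuid TEXT NOT NULL UNIQUE)""")
    conn.executemany(
        "INSERT INTO oc_ldap_user_mapping VALUES (?, ?, ?)",
        [("cn=alice,ou=people,dc=old,dc=test", "alice", "old-uuid-alice"),
         ("cn=bob,ou=people,dc=old,dc=test", "bob", "old-uuid-bob")])
    return conn

def remap_users(conn, new_ids):
    """Overwrite DN and UUID per owncloud_name, all rows or none.

    new_ids: {owncloud_name: (new_dn, new_uuid)}; returns rows rewritten.
    """
    cur = conn.cursor()
    try:
        cur.execute("BEGIN")
        # Keep a copy of the old values; it is committed together with the update.
        cur.execute("DROP TABLE IF EXISTS oc_ldap_user_mapping_bak")
        cur.execute("CREATE TABLE oc_ldap_user_mapping_bak AS "
                    "SELECT * FROM oc_ldap_user_mapping")
        for name, (dn, uuid) in new_ids.items():
            # UPDATE instead of INSERT: the keys reject a second row per user.
            cur.execute("UPDATE oc_ldap_user_mapping "
                        "SET ldap_dn = ?, directory_uuid = ? "
                        "WHERE owncloud_name = ?", (dn, uuid, name))
            if cur.rowcount != 1:
                raise LookupError(f"no mapping row for {name!r}")
        cur.execute("COMMIT")
        return len(new_ids)
    except Exception:
        if conn.in_transaction:
            cur.execute("ROLLBACK")  # a missing user leaves the table untouched
        raise

if __name__ == "__main__":
    db = open_demo_db()
    remap_users(db, {"alice": ("uid=alice,cn=users,cn=accounts,dc=new,dc=test",
                               "ipa-uuid-alice")})
    print(db.execute("SELECT * FROM oc_ldap_user_mapping").fetchall())
```
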
