On 2012-02-29 19:46, Arthur Schiwon wrote:
> On Tuesday 28 February 2012 14:27:36 Aleksander Machniak wrote:
>> - Authenticating against LDAP does not create the owncloud equivalent of a user account, and therefore sharing with permissions is not working,
>
> These are two different things. Sharing with permissions is not dependent on
> local accounts. Is there another reason for them?


Correct me if I'm wrong, but I thought ownCloud saved the (user, group) permissions on files shared, amongst other things, in its own database.

I'm seeing owncloud.oc_sharing be filled with a uid_owner (my LDAP UID), and I'm seeing sharing only be possible with local database user accounts (not other LDAP accounts).

I think it is easiest to acknowledge the users end up in the database's users table, with a proper user_id, and refer back to that user_id in other tables (such as sharing) instead of continuously referring to a 'uid' - because of renames of people.

The same goes for groups, really, and ultimately you may want to indicate the authentication and authorization database (type) these users could have originally come from (i.e. the users and groups tables get an LDAP tree identifier added to them).

If you wanted, you could then detect renames by adding yet another column that holds the persistent, unique identifier for LDAP entries (usually entryUUID, or nsUniqueID, or something custom).

You would then search for the entry in LDAP, get its unique identifier, search your own tables for said identifier, and either create a new entry or update an existing entry.

Alternatively, some sort of API call could cause a synchronization daemon (Kolab does this a lot, I'm working on the parts that make this happen for Roundcube at this very moment) to issue a rename, add or delete.

Thoughts?

Kind regards,

Jeroen van Meeuwen

--
Systems Architect, Kolab Systems AG

e: vanmeeuwen at kolabsys.com
m: +44 74 2516 3817
w: http://www.kolabsys.com

pgp: 9342 BF08
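
Added example, not part of the original message and not ownCloud code: a sketch of the lookup-then-create-or-update step described above, with shares keyed to a local `user_id` and the LDAP unique identifier stored per user. The schema, the `sync_user` and `shares_for` helpers and the sample entries are assumptions made for illustration; it also covers the case where a freed login name is later given to a different person.

```python
import sqlite3

# Hypothetical schema (not ownCloud's): shares reference a local user_id.
SCHEMA = """
CREATE TABLE users (
    user_id  INTEGER PRIMARY KEY,
    backend  TEXT NOT NULL,   -- which LDAP tree the entry came from
    entry_id TEXT NOT NULL,   -- entryUUID / nsUniqueID value
    uid      TEXT NOT NULL,   -- current login name, allowed to change
    UNIQUE (backend, entry_id));
CREATE TABLE sharing (
    path           TEXT NOT NULL,
    owner_id       INTEGER NOT NULL REFERENCES users(user_id),
    shared_with_id INTEGER NOT NULL REFERENCES users(user_id));
"""

def sync_user(db, backend, entry):
    """Create or update the local row for one LDAP entry -> (user_id, action)."""
    row = db.execute("SELECT user_id, uid FROM users WHERE backend=? AND entry_id=?",
                     (backend, entry["entryUUID"])).fetchone()
    if row is None:
        cur = db.execute("INSERT INTO users (backend, entry_id, uid) VALUES (?,?,?)",
                         (backend, entry["entryUUID"], entry["uid"]))
        return cur.lastrowid, "created"
    if row[1] != entry["uid"]:   # same entry, new login name: a rename
        db.execute("UPDATE users SET uid=? WHERE user_id=?", (entry["uid"], row[0]))
        return row[0], "renamed"
    return row[0], "unchanged"

def shares_for(db, uid):
    """Paths shared with whoever currently holds this login name."""
    return [r[0] for r in db.execute(
        "SELECT s.path FROM sharing s JOIN users u ON u.user_id = s.shared_with_id "
        "WHERE u.uid = ? ORDER BY s.path", (uid,))]

def demo():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    # Constructed directory entries; the UUID strings are sample values.
    alice, _ = sync_user(db, "ldap1", {"entryUUID": "aaaa-1111", "uid": "alice"})
    bob, _ = sync_user(db, "ldap1", {"entryUUID": "bbbb-2222", "uid": "bob"})
    db.execute("INSERT INTO sharing VALUES (?,?,?)", ("/report.odt", alice, bob))
    # The directory renames bob; later a different person is given the uid "bob".
    _, action = sync_user(db, "ldap1", {"entryUUID": "bbbb-2222", "uid": "robert"})
    sync_user(db, "ldap1", {"entryUUID": "cccc-3333", "uid": "bob"})
    return action, shares_for(db, "robert"), shares_for(db, "bob")

if __name__ == "__main__":
    print(demo())
```

Because the share row points at `user_id`, the renamed account keeps its share and the new holder of the old login name inherits nothing.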