Am 14.03.16 um 00:14 schrieb Arthur Schiwon:
Hi Mark,
I don't have a forum acc, but please find pointers in line to each
link. Hope that's OK this way.
On Sat, 12 Mar 2016 21:51:11 +0100
Mark Ziegler <[email protected]> wrote:
Hello Arthur,
the last days we have a lot of ldap questions in our forums.
Some links:
https://forum.owncloud.org/viewtopic.php?f=36&t=34263
Blank page after login → program error. Should check log, unlikely that
there is anything wrong with a filter. He does not mention his OC
version, might be already fixed in current stable release. Otherwise,
bug report please.
https://forum.owncloud.org/viewtopic.php?f=38&t=34261
Woah, too broad :D
Either he does not know about LDAP, then I recommend the search engine
of his least mistrust. Otherwise our LDAP Backend doc
https://doc.owncloud.org/server/8.2/admin_manual/configuration_user/user_auth_ldap.html
Probably it'd be also useful to browse the ownCloud forum on it ;)
https://forum.owncloud.org/viewtopic.php?f=38&t=34255
Logs? Cannot login with 500, similar to the first entry.
https://forum.owncloud.org/viewtopic.php?f=36&t=34221
When a user has changed his LDAP password (i.e. via Windows-account)
then ownCloud will notice this at next login via webinterface and
asks for old and new password. Right?
Yes.
When user has entered old and new password correctly then the users
private key is decrypted with old password and re-encrypted with the
new password. Right?
Yes.
https://forum.owncloud.org/viewtopic.php?f=31&t=33464
So what is the best way to make this migration happen and have the
existing users map correctly? My thinking:
Parse the values in the table "oc_ldap_user_mapping", then add a new
record using the new DN (from FreeIPA) and existing "owncloud_name"
UUID.
Insert won't work, due to DB keys. Instead, have a backup and overwrite
the old DN and the old UUID with current values.
Would it be wise/useful to specify the mapping for directory_uuid
with the value from FreeIPA's "ipaUniqueID"?
Yes. Will affect new users only. Therefore, updating the old users as
mentioned above is a very good idea.
Do any other tables need to be modified?
No, as long as the owncloud_username is not changed, not.
https://forum.owncloud.org/viewtopic.php?f=38&t=34249
Now I need to migrate local users to use LDAP, so that our ownCloud
users can login with their LDAP credentials. How that can be done?
There's neither an existing or tested solution for it.
As always, have a backup!
Basically he'd configure the LDAP backend, change the owncloud_username
in the oc_ldap_user_mappings table to the corresponding local user and
remove the corresponding local users from oc_users table (do not
delete users from users page as it will delete their files just as
well).
The "User Home Folder Naming Rule" setting must be left blank, so
user's will keep their directory.
Backup!!!
A test run on a test installation is probably a great idea.
Hopefully you have a some minutes to have a view.
Users would appreciate it.
Cheers,
Mark
Cheers
Arthur
Hello Arthur,
just back from a really challenging exhibition *** yawning ***
Thanks for you answers.
Will try to provide feedback to users based on you answer.
It would be really nice if you would create account at forums and spent
15 minutes a week for ldap related questions.
Users would really appreciate it!
Cheers,
Mark
--
Wenn die Sonne der Ästhetik tief steht, dann werfen auch die Buckligen
lange Schatten.
_______________________________________________
User mailing list
[email protected]
http://mailman.owncloud.org/mailman/listinfo/user
