My comments on the above:
It's great that now it's working! The Base DN propagation from NS to NC still needs to be fixed, though. That being said, I also think the following two features would be very useful:
1.The ability to manually specify the base DN (currently it is implied from the NS host name). This comes in handy when the LDAP server has subdomains. In my case, I have the following structure:
- Base DN: dc=example,dc=com
- Customer 1: vd=customer1.com,o=hosting,dc=example,dc=com
- Customer 2: vd=customer2,com,o=hosting,dc=example,dc=com
- and so on
If I want to have one NS per customer, then I am forced to name them like this: ns-customer1.example.com, ns-customer2.example.com, otherwise NS is unable to connect to the LDAP server. This has many implications, for example when requesting a certificate, when using email etc. Ideally, I could name each NS like this: nethserver.customer1.com, nethserver.customer2.com etc.
2.The ability to specify the base user tree and base group tree. For example, in my case, I could have:
NS host name: nethserver.customer1.com
Base DN: dc-example,dc=com
Base User tree: vd=customer1.com,o=hosting,dc=example,dc=com
Base Group tree: vd=customer1.com,o=hosting,dc=example,dc=com
This way, each customer could have its own NS with access to only its users and groups and the users and groups would have the proper email address (firstname.lastname@example.org). Base user tree and base group tree would also need to be propagated to the installed packages, for example in NextCloud LDAP Advanced settings page.
Thanks and have a nice weekend everyone!