How to add at ldapservice account at creation: "isCriticalSystemObject=TRUE"

Hello all,

I have found a problem, the ldapservice has not “isCriticalSystemObject=TRUE”, how it is possible to add at creation?

Thanks in advance.

Sorry I don’t understand the question. Can you explain it a little bit more?

  • How did you configure your LDAP
  • When do you get an error
  • where do you think isCriticalSystemObject=TRUE has to be set
  • What do you mean with add a creation

I’m not a developer, but perhaps I can help. I use the local ad by some of my customers and it works fine.

The problem is that the account is showed in AD/LDAP.

This account has not “isCriticalSystemObject=TRUE”.

NethServer must to add this at creation of the account.

Which account do you mean? A user account?
All user accounts should be shown at Users/Groups, also an administrator.

I really want to help you, or find the right people who could help you, but you have to give us more informations.

  • tell us what you try to achieve
  • tell us something about your configuration, like local ad or remote ad…
  • tell us why the account should be a Critical System Object
  • tell us which account you mean and why it should not be shown
  • tell us, if it is not a standard user account like administrator, what jobs the account should do

A good thread for writing a good questions to a forum you can find at the following link:

1 Like

Do you understand me?

The problem is not new, I have published tickets here:

To hide, it is needed to have “isCriticalSystemObject=TRUE”.

How to add at ldapservice account?

A forum topic is not a problem ticket. And topics from two years ago aren’t especially helpful in what’s an ongoing discussion.

I understand that you want to have the ldapservice account have the attribute isCriticalSystemObject set to TRUE. Apparently that will help hide it from some lists. So what?

When I create a ticket on GitHub, team says to create a post in the forum.

On GitHub:

That doesn’t make it a ticket, and if they’ve asked to to raise issues in forum topics, that doesn’t mean you should open a GitHub ticket.

You’ve now posted five times in this topic, and you have yet to give any indication of what the actual (perceived) problem is. You want that attribute to be set, clearly. But why?

The problem is that the account has not “isCriticalSystemObject=TRUE” and it is showed in address book of applications.
For example, Administrator account has “isCriticalSystemObject=TRUE” and a lot others.

Yes, I did in in the past so why the hell you just opened the :man_facepalming:

@dan35: “A forum topic is not a problem ticket. And topics from two years ago aren’t especially helpful in what’s an ongoing discussion.”


You’ve repeated this same information now 6 times.

The bit of Information missing is: WHICH Account are you talking about ?
You always write “the account”!!!

Please give accountname / username or whatever…

My 2 cents

I have specified several times: ldapservice



You CAN use stephdl’s modul PHPLDAPadmin to view / modify LDAP entries on AD / LDAP.
I use Nextcloud a lot. None of my users have this attribute you’re talking about (“isCriticalSystemObject=TRUE”), even if “Show internal attributes” is set in the PHPLDAPadmin query…

Admin does NOT have that, neither my USER.

The ldapservice user is NOT shown in Users / Groups in Cockpit, this is correct.

Where did you get this strange information about this attribute?
How was AD / LDAP installed on your server?

It seems to me you’re mixing up instructions from the Internet about Nextcloud running elsewhere, not on NethServer…

My 2 cents

Please look the ldapservice account is showed in Roundcube, SOGo, ejabberd, etc.

I don’t use SoGo (Why should I, when NextCloud is working very well?) nor ejabberd.
But I do use Roundcube a lot. Roundcube does NOT normally show a user-list…


How about a screenshot or two?
-> If possible, please set the language to english BEFORE doing the screenshot !

No it is not good in Nextcloud too.

For screenshots, you can see my old posts:


These are VERY Old Posts…

I see you complaining - for example - about no groups, but you never showed if you tried to create groups.

To hide unneeded (eg AD system users / groups) in Nextcloud, I create a group nextcloud-users.
I use that as primary filter in NextCloud’s LDAP/AD Config panel.

If NO Password is set on the users admin and administrators, those users exist, but are not usable. This is normal in NethServer. Indeed, Microsoft doesn’t set a Password in Windows10 for the Administrator, so that user exists, and is not workable.
AD is from Microsoft, and Samba’s AD does a good job of replicating the services, look & feel of AD.

-> It seems to me you have certain understanding problems of how users / groups work.

And NOT mixing up solutions for different problems gathered from Google / Internet.

Some questions?

Have you created any groups in AD / NethServer?
-> Show them with a current screenshot.

Have you ever enabled either admin or administrator users (By setting a password?).
-> Show the current status of those two users.

You have yet to explain where you saw this “strange” suggestion: “isCriticalSystemObject=TRUE”…

In Google, I only see your entries and some cyrillic, russian stuff. Note: not much cyrillic users seem to use NethServer…
Only 5 entries in Google for:

nextcloud “isCriticalSystemObject=TRUE”

There are plenty of suggestions for just “isCriticalSystemObject=TRUE”, but ALL concern only Microsoft AD on Microsoft !!!

My 2 cents