How to add to the ldapservice account at creation: "isCriticalSystemObject=TRUE"

A forum topic is not a problem ticket. And topics from two years ago aren’t especially helpful in what’s an ongoing discussion.

I understand that you want to have the ldapservice account have the attribute isCriticalSystemObject set to TRUE. Apparently that will help hide it from some lists. So what?

When I create a ticket on GitHub, team says to create a post in the forum.

On GitHub: https://github.com/NethServer/dev/issues/6547

That doesn’t make it a ticket, and if they’ve asked you to raise issues in forum topics, that doesn’t mean you should open a GitHub ticket.

You’ve now posted five times in this topic, and you have yet to give any indication of what the actual (perceived) problem is. You want that attribute to be set, clearly. But why?

The problem is that the account does not have “isCriticalSystemObject=TRUE” and it is shown in the address book of applications.
For example, the Administrator account has “isCriticalSystemObject=TRUE”, and a lot of others.

Yes, I did it in the past, so why the hell did you just open the ldapservice account has not "isCriticalSystemObject=TRUE" · Issue #6547 · NethServer/dev · GitHub? :man_facepalming:

@dan35: “A forum topic is not a problem ticket. And topics from two years ago aren’t especially helpful in what’s an ongoing discussion.”

@Neustradamus

You’ve repeated this same information now 6 times.

The bit of information missing is: WHICH account are you talking about?
You always write “the account”!!!

Please give accountname / username or whatever…

My 2 cents
Andy

I have specified several times: ldapservice

@Neustradamus

Hi

You CAN use stephdl’s module PHPLDAPadmin to view / modify LDAP entries on AD / LDAP.
I use Nextcloud a lot. None of my users have this attribute you’re talking about (“isCriticalSystemObject=TRUE”), even if “Show internal attributes” is set in the PHPLDAPadmin query…

Admin does NOT have that, and neither does my USER.

The ldapservice user is NOT shown in Users / Groups in Cockpit, this is correct.

Where did you get this strange information about this attribute?
How was AD / LDAP installed on your server?

It seems to me you’re mixing up instructions from the Internet about Nextcloud running elsewhere, not on NethServer…

My 2 cents
Andy

Please look: the ldapservice account is shown in Roundcube, SOGo, ejabberd, etc.

I don’t use SOGo (Why should I, when NextCloud is working very well?) nor ejabberd.
But I do use Roundcube a lot. Roundcube does NOT normally show a user-list…

???

How about a screenshot or two?
-> If possible, please set the language to English BEFORE doing the screenshot!

No, it is not good in Nextcloud either.

For screenshots, you can see my old posts:

@Neustradamus

These are VERY Old Posts…

I see you complaining - for example - about no groups, but you never showed if you tried to create groups.

To hide unneeded (eg AD system users / groups) in Nextcloud, I create a group nextcloud-users.
I use that as primary filter in NextCloud’s LDAP/AD Config panel.

If NO Password is set on the users admin and administrators, those users exist, but are not usable. This is normal in NethServer. Indeed, Microsoft doesn’t set a Password in Windows10 for the Administrator, so that user exists, and is not workable.
AD is from Microsoft, and Samba’s AD does a good job of replicating the services, look & feel of AD.

-> It seems to me you have certain understanding problems of how users / groups work.

And NOT mixing up solutions for different problems gathered from Google / Internet.

Some questions?

Have you created any groups in AD / NethServer?
-> Show them with a current screenshot.

Have you ever enabled either admin or administrator users (By setting a password?).
-> Show the current status of those two users.

You have yet to explain where you saw this “strange” suggestion: “isCriticalSystemObject=TRUE”…

In Google, I only see your entries and some Cyrillic, Russian stuff. Note: not many Cyrillic users seem to use NethServer…
Only 5 entries in Google for:

nextcloud “isCriticalSystemObject=TRUE”

There are plenty of suggestions for just “isCriticalSystemObject=TRUE”, but ALL concern only Microsoft AD on Microsoft !!!

My 2 cents
Andy

Thanks for the explanation; after it and reading the following posts I think I understand your problem.
At the moment I have no connection to a Samba AD, but I think you can manage it also from a Windows client with RSAT tools. For Microsoft AD it works with the next steps:

  • click on the user with the right mouse button
  • click on properties
  • click on attribute editor
  • search for isCriticalSystemObject and change the value to true

For the next time, please think of giving us some more information in your question. The more information we have, the more we can help. And please try to explain your problem for people who are not specialised in this theme, so more people can try to help. In my opinion many sysadmins are all-rounders, but they have to read a little bit to understand themes they are not specialised in. If you want us to help, we have to understand your problem, to know what we are searching for.

2 Likes

Thanks for your reply!

But what is the code line to add at creation?

Thanks in advance.

cc @giacomo.

You just can’t because samba-tool doesn’t support it.
If you want, you can try with RSAT tools.

@giacomo: OK, but how is it done for other accounts?

  • Administrator
  • Guest
  • krbtgt
  • NSDC-SERVER
  • the NS server

Same for groups (for example):

  • Backup Operators
  • Domain Users

Add here:

-
replace: isCriticalSystemObject
isCriticalSystemObject: TRUE
-
replace: showInAdvancedViewOnly
showInAdvancedViewOnly: TRUE

@giacomo: How is it possible to test it?

It is “replace” in my previous comment, but it can be “add”.

Thanks in advance.
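
On the question of how to test the change: one offline check, added here as an example and not taken from any post in this thread or from the NethServer code, parses LDIF text of the kind `ldapsearch` prints and lists which accounts carry `isCriticalSystemObject: TRUE`. The sample entries, their DNs and the user `alice` are constructed for the example.

```python
import base64

# Constructed sample (ldapsearch-style LDIF); the DNs and the user "alice" are made up.
SAMPLE_LDIF = """\
dn: CN=Administrator,CN=Users,DC=example,DC=org
sAMAccountName: Administrator
isCriticalSystemObject: TRUE

dn: CN=ldapservice,CN=Users,DC=example,
 DC=org
sAMAccountName:: bGRhcHNlcnZpY2U=

dn: CN=alice,CN=Users,DC=example,DC=org
sAMAccountName: alice
"""

def parse_ldif(text):
    """Return one dict per entry: lowercased attribute name -> list of values."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:   # folded line continues the previous one
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    entries, current = [], {}
    for line in lines + [""]:               # the trailing "" flushes the last entry
        if line.startswith("#"):            # comment line
            continue
        if not line.strip():                # blank line ends an entry
            if current:
                entries.append(current)
            current = {}
            continue
        name, _, value = line.partition(":")
        if value.startswith(":"):           # "attr:: <base64>" form
            value = base64.b64decode(value[1:].strip()).decode("utf-8")
        current.setdefault(name.lower(), []).append(value.strip())
    return entries

def split_by_critical_flag(text):
    """Return (flagged, unflagged) lists of sAMAccountName values."""
    flagged, unflagged = [], []
    for entry in parse_ldif(text):
        name = entry.get("samaccountname", ["?"])[0]
        critical = "TRUE" in (v.upper() for v in entry.get("iscriticalsystemobject", []))
        (flagged if critical else unflagged).append(name)
    return flagged, unflagged

print(split_by_critical_flag(SAMPLE_LDIF))
```

An ordinary user such as `alice` is also unflagged, so this confirms the attribute's value on each entry but does not by itself separate service accounts from regular ones.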