Nextcloud cryptic usernames

v7
nextcloud

(Michael Träumner) #1

Hi,
I looked around at nextcloud a little bit more. The users which come from local AD don’t have a real username, it is cryptic. Can somebody confirm that.


Nextcloud 13 - Call for QA!
(Ralf Jeckel) #2

Looks identical.


(Marc) #3

Yes, it happens with LDAP and AD.
From Nextcloud manual:

Nextcloud uses usernames as keys to store and assign data. In order to precisely identify and recognize users, each LDAP user will have a internal username in Nextcloud. This requires a mapping from Nextcloud username to LDAP user. The created username is mapped to the UUID of the LDAP user.

The internal username is the identifier in Nextcloud for LDAP users. By default it will be created from the UUID attribute. The UUID attribute ensures that the username is unique, and that characters do not need to be converted.

The internal username is the default name for the user home folder in Nextcloud. It is also a part of remote URLs, for instance for all *DAV services.


(Michael Träumner) #4

If you open LDAP/AD Integration and then expert you can set

sAMAccountName

at “Internal Username” field. Every new user has the right username know, but not the already present users.
Can’t find a way to reload the AD/LDAP with changing the names.

If you try to share a folder it works with the real name or with the username, for users with the uuid you have to use this. It don’t work with the LDAP username.


(André Wismer) #5

Hi

As an old OwnCloud User I’d add the fact that the decision to use UUIDs was already made in OwnCloud, before the fork to NextCloud. Earlier, Usernames were used and visible in OwnCloud, then only these UUIDs. The reason was overlapping usernames, however that happened…

-> most likely culprit was the then fasionable conversion from ISO to UTF8 Formats - along with the ensuing mess. Some Distris, like SME-Server, “converted” the saved Samba Passwords to something not workable anymore… ;-(

Not really a good decison in my opinion, Usernames should be unique anyway.

The present UUID “feels” like a MS-License Key or the like to most IT users… :wink:

But that’s how it happened…

Andy


(Michael Träumner) #6

Can somebody tell me how to delete the users from nextcloud database and get them again from AD?
After that step I’ll have the right usernames because I added “sAMAccountName” at "Internal Username” field.

@dev_team Is it possible and could it be the right way to integrate the setting for "Internal Username” at the config of the installation package?


(Markus Neuberger) #7

You may change existing users like this (this would be scriptable). Please be careful as there are more admin’s and it should be a unique name. I tried it and it seems to work but please test before using in production.

mysql
update nextcloud.oc_ldap_user_mapping set owncloud_name = "USERNAME" where owncloud_name = "01829969-B18B-4VA7-8C40-B6B45D2X3CW1";
update nextcloud.oc_preferences set userid = "USERNAME" where userid = "01829969-B18B-4VA7-8C40-B6B45D2X3CW1";
exit;

(Dan) #8

The problem is that there are a bunch of tables in which user IDs appear, and in some of them, they appear in multiple fields. I dealt with something similar in migrating from my SME server, and did the find/replace across all fields of all tables–see this thread for some discussion of tools available to do that:


The one I went with was the link in my OP to interconnect/it.

You’d obviously want to take a backup of your database first.


(Alessio Fattorini) #9

Hi Michael, thanks for the heads-up
Should we improve NextCloud integration changing this field?
What do you think @alep ? Readability would be improved.


(Dan) #10

Migration would be a big concern here–anyone with existing installations would need major updates to the database, not to mention renaming all the user data directories. My solution (which was pretty much to find and replace database-wide) worked for me, but I haven’t seen any official answer of what should be (and, more importantly, what shouldn’t be) changed in this regard.