I’m thinking about the password policies that exist in Nextcloud and Nethserver. I use a domain on my Nethserver and therefore use domain logins on my Nextcloud.
What password policy takes precedent when domain users login to Nextcloud. The Nethserver Password Policy or the Nextcloud one?
Will one password policy be ignored if the other is set? If so which way is the master password policy?
Does the Nextcloud Password policy only work for local users added to Nextcloud?
Any advice you can provide would be greatly appreciated.
Since the password is set in Samba4 AD accountprovider and Nextcloud is using that password, my gut feeling is that the NethServer password policy is used. When using Samba4 AD accountprovider, you never ever CHANGE the password in nextcloud. Nexcloud takes changes from NethServer accountprovider. @giacomo am I right here?
@greavette, do you use nextcloud local accounts? For those accounts nexcloud policy will be active since those accounts are not affected by Samba 4 AD accountprovider policy. (the nexcloud admin account is an example of a nextcloud local account)
To be honest, if you have Samab4AD running, I wouldn’t even think of using nexcloud local accounts.
I don’t use Nextcloud local accounts. Only domain accounts as that affords me more opportunities for user management through nextcloud. But since Nextcloud has a password policy I was wondering if that would affect the password policy set by Nethserver for my domain users. I’m assuming that if I used local nextcloud users along with domain users (why would I though! ) then the nextcloud password policy would apply to those local users only.
I just didn’t want to have a collision of password policies for my domain users if the nextcloud password policy got in the way.
Then I wouldnf’t bother setting a strict policy for nextcloud local users. Just use Samba users and have a NethServer password policy you need/want.
Nobrainer to still use a decent strong password for the local admin user.
) then the nextcloud password policy would apply to those local users only.