Transfer OIDC user to local user
-
Hey,
I would like to simplify the IT infrastructure for our team (all non-nerds). Most of them don't need access to the various Cloudron apps or the built-in email server, but only use Nextcloud. Therefore, I would like to create new users directly in Nextcloud in the future to simplify the login process. That's no problem. However, I have a handful of users who currently log in via OIDC, and I would like to switch them over. Is that even possible? Transfer a user provided by Cloudron to a local user and keep all files, shared links, and groups (groups are set up in Nextcloud anyway).
Best,
David
Hello @david-0
Is that even possible?
No and maybe yes.
Let me be blunt.
Nextcloud does not make it easy for you to switch users from one provider to another.
There is: https://apps.nextcloud.com/apps/user_migration but I doubt it does what you need.
I have done this once but for LDAP to local user and did write down the steps I took.
So this might work the same way for OIDC users, but the SQL queries need to be altered accordingly.
Nextcloud LDAP to Local User Migration
Yes, it is possible, but each user must then be assigned a password.
This can be done manually or scripted.
Post:
https://help.nextcloud.com/t/import-ldap-users-get-rid-of-ldap/56629/11
Commands used:
Enable Maintenance mode
sudo -u www-data php -f /app/code/occ maintenance:mode --on
Users that will see a change of login id after the process
SELECT * FROM oc_ldap_user_mapping WHERE owncloud_name != directory_uuid;
Name clashes between normal and LDAP users
SELECT uid FROM oc_users, oc_ldap_user_mapping WHERE owncloud_name = uid;
Name clashes between normal and LDAP groups
SELECT gid FROM oc_groups, oc_ldap_group_mapping WHERE gid = owncloud_name;
Create one normal user per LDAP user
INSERT INTO oc_users (uid, uid_lower) SELECT owncloud_name, LOWER(owncloud_name) FROM oc_ldap_user_mapping;
Create one normal group per LDAP group
INSERT INTO oc_groups (gid) SELECT owncloud_name FROM oc_ldap_group_mapping;
Disable the user_ldap app
sudo -u www-data php -f /app/code/occ app:disable user_ldap
Remove LDAP user bindings
DELETE FROM oc_ldap_user_mapping;
Remove LDAP group bindings
DELETE FROM oc_ldap_group_mapping;
Remove LDAP group memberships
DELETE FROM oc_ldap_group_membership;
Disable Maintenance mode
sudo -u www-data php -f /app/code/occ maintenance:mode --off
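The reply above notes that each migrated user must be assigned a password and that this can be scripted. The following is an added example, not part of the thread and not Nextcloud's or Cloudron's own code: one way to do it with `occ user:resetpassword --password-from-env`, so the password never appears on a command line. It assumes the occ path and `www-data` user from the commands above and a sudo that permits `--preserve-env`; the function names `run_occ`, `gen_password` and `set_local_passwords` are hypothetical.

```shell
#!/bin/sh
# Added example: give every migrated user a random initial password.
# Assumptions: occ path and www-data user as in the thread's commands;
# sudo is allowed to pass OC_PASS through with --preserve-env.
OCC_PATH="${OCC_PATH:-/app/code/occ}"

# Run occ as the web server user, handing over only OC_PASS from our environment.
run_occ() {
    sudo -u www-data --preserve-env=OC_PASS php -f "$OCC_PATH" "$@"
}

# 18 random bytes -> 36 hex characters (144 bits of entropy).
gen_password() {
    head -c 18 /dev/urandom | od -An -tx1 | tr -d ' \n'
}

# Read one uid per line on stdin; write "uid<TAB>password" lines to file $1.
# Returns non-zero if any uid was rejected or any occ call failed.
set_local_passwords() {
    out_file=$1
    failed=0
    old_umask=$(umask)
    umask 077                         # credentials file readable by owner only
    rm -f "$out_file"; : > "$out_file"
    umask "$old_umask"
    while IFS= read -r uid; do
        case $uid in
            '') continue ;;
            *[!A-Za-z0-9_.@-]*)       # refuse anything that is not a plain uid
                echo "skipped unexpected uid: $uid" >&2
                failed=1; continue ;;
        esac
        OC_PASS=$(gen_password)
        export OC_PASS
        # </dev/null so occ cannot consume the uid list waiting on stdin
        if run_occ user:resetpassword --password-from-env "$uid" </dev/null >&2; then
            printf '%s\t%s\n' "$uid" "$OC_PASS" >> "$out_file"
        else
            echo "occ failed for: $uid" >&2
            failed=1
        fi
    done
    unset OC_PASS
    return "$failed"
}
```

Call it as `set_local_passwords /root/initial-passwords.tsv < uids.txt`, where `uids.txt` (a constructed file name) holds the migrated login ids, and delete the credentials file once the passwords have been handed out and changed.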