LDAP sync in Nextcloud
I'm a complete newbie with Cloudron, so please excuse me if I'm missing something obvious: I've installed the Nextcloud 18, using Cloudron users. after that I was able to see my demo LDAP user inside the Nextcloud. But when I create another user in Cloudron, I can't see it in the Nextcloud. I've tried to use its LDAP debugging tools - everything seems to be working, but new user and group aren't found.
What am I missing?
@miloskroulik My understanding is that LDAP sync in nextcloud takes around 10 mins for the user to reflect. If the user logs into nextcloud, it should start reflecting immediately.
I've just tried that again, the user is still not seen by the Nextcloud. So the only option is user logging into Nextcloud?
@miloskroulik In some forums for OC, I have seen an occ command that one can run manually - https://central.owncloud.org/t/oc10-0-10-ldap-integration-and-users-sync/17048 . I am going to try this now and see if it works in nextcloud.
@miloskroulik OK, found it. Try this in the web terminal of the nextcloud app.
sudo -u www-data php -f /app/code/occ ldap:check-user --update <username>
I find that the sync happens sometimes but sometimes not. There seems to be no clear docs on how to set a sync interval.
sudo -u www-data php -f /app/code/occ ldap:check-user --update
Thanks, unfortunately, it didn't help. First of all, while this might work, the fact that it requires a username of a user means that I can't set up CRON command to sync users easily.
But I also wasn't able to make it work when using email address of user as a username (I didn't find a way to specify separate username), it simply fails with
The given user is not a recognized LDAP user. Which probably makes sense, because
sudo -u www-data php -f /app/code/occ help ldap:check-usersays that the parameter should be
the user name as used in Nextcloudso it looks like it's intended to resync users that are already synced to Nextcloud.
@miloskroulik Might be best to take this up in the nextcloud forum. Atleast, I can't find any docs on when the syncing happens and how it can be triggered manually.
--update <username>did end up doing a proper ldap search in my installation (as seen in the
/home/yellowtent/platformdata/logs/box.log). I had run ldap:list (or maybe it was ldap:search, i forget) previously and it did not list the user. After the update, it listed the user.