Partition users using LDAP

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Partition users using LDAP

Tornóci László
Hi,

it occurred to me, that you could use in the advanced LDAP settings (OC
4.5) the "User Home Folder Naming Rule" to partition users into several
different directories rather then to put all of them into the default
"data/".
Setting the LDAP "User Home Folder Naming Rule" = myHomeAttr
and giving each user a value like "dir1/dir2/username" for this
attribute seems to work (of course you must set up your LDAP to have
this attribute).

Is this allowed to do? It looks like a nice feature if you have lots of
users.

                                        Yours: Laszlo
_______________________________________________
Owncloud mailing list
[hidden email]
https://mail.kde.org/mailman/listinfo/owncloud
Reply | Threaded
Open this post in threaded view
|

Re: Partition users using LDAP

Arthur Schiwon (Blizzz)
On Tuesday, January 15, 2013 07:22:48 PM Tornóci László wrote:

> Hi,
>
> it occurred to me, that you could use in the advanced LDAP settings (OC
> 4.5) the "User Home Folder Naming Rule" to partition users into several
> different directories rather then to put all of them into the default
> "data/".
> Setting the LDAP "User Home Folder Naming Rule" = myHomeAttr
> and giving each user a value like "dir1/dir2/username" for this
> attribute seems to work (of course you must set up your LDAP to have
> this attribute).
>
> Is this allowed to do? It looks like a nice feature if you have lots of
> users.

Yes!
Just make sure, the permissions are correct, i.e. the webserver user must be
able to read and write.

Cheers
Arthur

>
> Yours: Laszlo
> _______________________________________________
> Owncloud mailing list
> [hidden email]
> https://mail.kde.org/mailman/listinfo/owncloud
_______________________________________________
Owncloud mailing list
[hidden email]
https://mail.kde.org/mailman/listinfo/owncloud
Reply | Threaded
Open this post in threaded view
|

Re: Partition users using LDAP

Tornóci László
Hi Arthur,

On 01/15/2013 10:43 PM, Arthur Schiwon wrote:

> On Tuesday, January 15, 2013 07:22:48 PM Tornóci László wrote:
>> it occurred to me, that you could use in the advanced LDAP settings (OC
>> 4.5) the "User Home Folder Naming Rule" to partition users into several
>> different directories rather then to put all of them into the default
>> "data/".
>> Setting the LDAP "User Home Folder Naming Rule" = myHomeAttr
>> and giving each user a value like "dir1/dir2/username" for this
>> attribute seems to work (of course you must set up your LDAP to have
>> this attribute).
>>
>> Is this allowed to do? It looks like a nice feature if you have lots of
>> users.
>
> Yes!
> Just make sure, the permissions are correct, i.e. the webserver user must be
> able to read and write.

Thank you for your response. This is very nice. I tested a bit, and
noted, that "files_external" and "files_version" are created in BOTH
"data/USERNAME" and in the directory given by LDAP attribute for home
dir, however the directories in "data/USERNAME" never seem to be used.
Is it correct to say that this is a bug in 4.5 that is harmless? So is
it ok to go ahead and use this advanced feature in LDAP?

Related to this: can you later on relocate the user home dir in the
filesystem and change the value of the LDAP attribute accordingly
without OC complaining? That would be VERY nice even if you are not
allowed to change the username!

One more thing: it is rather awkward that you are not allowed to have
accented characters in user and group names. Are there any plans in the
future to introduce additional LDAP attributes for user and group names
with accented chars that are only _displayed_ for the users?

                                                Yours: Laszlo

_______________________________________________
Owncloud mailing list
[hidden email]
https://mail.kde.org/mailman/listinfo/owncloud
Reply | Threaded
Open this post in threaded view
|

Re: Partition users using LDAP

Arthur Schiwon (Blizzz)
Sorry for the late answer.

On 01/16/2013 08:24 AM, Tornóci László wrote:

> Hi Arthur,
>
> On 01/15/2013 10:43 PM, Arthur Schiwon wrote:
>> On Tuesday, January 15, 2013 07:22:48 PM Tornóci László wrote:
>>> it occurred to me, that you could use in the advanced LDAP settings (OC
>>> 4.5) the "User Home Folder Naming Rule" to partition users into several
>>> different directories rather then to put all of them into the default
>>> "data/".
>>> Setting the LDAP "User Home Folder Naming Rule" = myHomeAttr
>>> and giving each user a value like "dir1/dir2/username" for this
>>> attribute seems to work (of course you must set up your LDAP to have
>>> this attribute).
>>>
>>> Is this allowed to do? It looks like a nice feature if you have lots of
>>> users.
>>
>> Yes!
>> Just make sure, the permissions are correct, i.e. the webserver user
>> must be
>> able to read and write.
>
> Thank you for your response. This is very nice. I tested a bit, and
> noted, that "files_external" and "files_version" are created in BOTH
> "data/USERNAME" and in the directory given by LDAP attribute for home
> dir, however the directories in "data/USERNAME" never seem to be used.
> Is it correct to say that this is a bug in 4.5 that is harmless? So is
> it ok to go ahead and use this advanced feature in LDAP?

Yes, this is rather a bug. Would you mind creating a bug report for each
files_version and files_external here
https://github.com/owncloud/core/issues ?

> Related to this: can you later on relocate the user home dir in the
> filesystem and change the value of the LDAP attribute accordingly
> without OC complaining? That would be VERY nice even if you are not
> allowed to change the username!

Theoretically yes. But.
a) you need to copy the data manually. ownCloud will not move things around
b) since 4.5 LDAP remembers the path for each user and won't change it
to avoid finding empty folders. However, this is kind of stupid, as it
hinders admins to manager their systems. I intend to remove it again.

> One more thing: it is rather awkward that you are not allowed to have
> accented characters in user and group names. Are there any plans in the
> future to introduce additional LDAP attributes for user and group names
> with accented chars that are only _displayed_ for the users?

For ownCloud 5.0 we will have lovely User Names. Not so for group names,
however.

Cheers
Arthur

>
>                          Yours: Laszlo
_______________________________________________
Owncloud mailing list
[hidden email]
https://mail.kde.org/mailman/listinfo/owncloud
Reply | Threaded
Open this post in threaded view
|

Re: Partition users using LDAP

Tornóci László
Hi,

On 02/01/2013 07:29 PM, Arthur Schiwon wrote:
> Sorry for the late answer.

no problem.

>
> On 01/16/2013 08:24 AM, Tornóci László wrote:
>> Hi Arthur,
>>
>> On 01/15/2013 10:43 PM, Arthur Schiwon wrote:
>>> On Tuesday, January 15, 2013 07:22:48 PM Tornóci László wrote:
>>>> it occurred to me, that you could use in the advanced LDAP settings (OC
>>>> 4.5) the "User Home Folder Naming Rule" to partition users into several
>>>> different directories rather then to put all of them into the default
>>>> "data/".
>>>> Setting the LDAP "User Home Folder Naming Rule" = myHomeAttr
>>>> and giving each user a value like "dir1/dir2/username" for this
>>>> attribute seems to work (of course you must set up your LDAP to have
>>>> this attribute).
>>>>
>>>> Is this allowed to do? It looks like a nice feature if you have lots of
>>>> users.
>>>
>>> Yes!
>>> Just make sure, the permissions are correct, i.e. the webserver user
>>> must be
>>> able to read and write.
>>
>> Thank you for your response. This is very nice. I tested a bit, and
>> noted, that "files_external" and "files_version" are created in BOTH
>> "data/USERNAME" and in the directory given by LDAP attribute for home
>> dir, however the directories in "data/USERNAME" never seem to be used.
>> Is it correct to say that this is a bug in 4.5 that is harmless? So is
>> it ok to go ahead and use this advanced feature in LDAP?
>
> Yes, this is rather a bug. Would you mind creating a bug report for each
> files_version and files_external here
> https://github.com/owncloud/core/issues ?

I'll do that.

>> Related to this: can you later on relocate the user home dir in the
>> filesystem and change the value of the LDAP attribute accordingly
>> without OC complaining? That would be VERY nice even if you are not
>> allowed to change the username!
>
> Theoretically yes. But.
> a) you need to copy the data manually. ownCloud will not move things around

of course

> b) since 4.5 LDAP remembers the path for each user and won't change it
> to avoid finding empty folders. However, this is kind of stupid, as it
> hinders admins to manager their systems. I intend to remove it again.

That would be nice, indeed.

>> One more thing: it is rather awkward that you are not allowed to have
>> accented characters in user and group names. Are there any plans in the
>> future to introduce additional LDAP attributes for user and group names
>> with accented chars that are only _displayed_ for the users?
>
> For ownCloud 5.0 we will have lovely User Names. Not so for group names,
> however.

The user names are the most important. Thank you!

                                                Yours: Laszlo
>
> Cheers
> Arthur
>
>>
>>                          Yours: Laszlo

_______________________________________________
Owncloud mailing list
[hidden email]
https://mail.kde.org/mailman/listinfo/owncloud
Reply | Threaded
Open this post in threaded view
|

Re: Partition users using LDAP

almyz125
In reply to this post by Tornóci László
Tornóci László wrote
Hi,

it occurred to me, that you could use in the advanced LDAP settings (OC
4.5) the "User Home Folder Naming Rule" to partition users into several
different directories rather then to put all of them into the default
"data/".
Setting the LDAP "User Home Folder Naming Rule" = myHomeAttr
and giving each user a value like "dir1/dir2/username" for this
attribute seems to work (of course you must set up your LDAP to have
this attribute).
Hi, I just wanted to let you know, I've come up with a way to use owncloud for each users "Home" drive. This works with "H" drives that have already been set up and have files in them. Its a way to provide a nice front end to the already mapped H drives. If this still interest you check it out.

http://forum.owncloud.org/viewtopic.php?f=8&t=8456