Adm look and access everything

error · August 27, 2019, 5:41pm

Hello, Community …

How to make admin view all users files?
I am only viewing as sharing folders, but web does not show a root mass of users.

thank you!

alfredb · August 27, 2019, 7:32pm

This is IMHO not an admin task. How about the users privacy?

error · August 27, 2019, 7:58pm

hi… Alfredb

The server is corporate and not public, the files are the property of the company and not personal users.
Just as we have an AD administration (active directory) samba or windows server …

what is 'IMHO ’ ?!

ty

cs35 · August 28, 2019, 7:29am

Hello,

I’m having almost the same opinion as @alfredb even though I run several corporate ownCloud instances, I wouldn’t go check on users files, it’s not directly the job of an admin. If your concern is about disk space, you can set quota per user. If you’re afraid users would upload anything, I’d suggest running one corporate instance, and one “fun” instance. Even though you’d do some split, you might have some uploads such as pornography or far worst, where the admin has to do some cleaning according to your country’s law (EU’s law) or you company’s policy.
Anyway, you could see all the files, obviously not from the UI.
Could you explain more why you want to see all the content of your users ? Is it a law/policy problem ?
About IMHO.

eneubauer · August 28, 2019, 9:23am

You could have each user share their files with the admin?

Otherwise you could impersonate a user whose files you’d have to have a look at. It’s an additional application that you have to install in your instance. More information on how it works and limitations here:

IMHO := in my humble opinion

cs35 · August 28, 2019, 9:37am

Although I understand the purpose of the impersonate app, I really wouldn’t suggest using it, it really is a privacy breaker Not sure if it already has it, but I’d suggest having a token that the impersonated user should validate for the admin to do so, a bit like you do with teamviewer (not an ad).
People are already scared about their data and privacy (which is good, at least to be concerned), if on top of that you impersonate their accounts to check on their data they will never trust you, even on a company level.
If you have a clear policy and disclaimer well broadcast then I suppose that yes you could use that kind of app.

eneubauer · August 28, 2019, 9:46am

While I do understand your and @alfredb concerns, I also think that this post is not the place to discuss it. Perhaps @error has a valid use case, we don’t know. And in the end, as long as you don’t have end to end encryption you will always have to trust some administrator.

cs35 · August 28, 2019, 9:54am

Fair point about having to trust the admin anyway, I just wanted to emphasize the fact that the admin has much power and should communicate over it to keep a trust level.

alfredb · August 29, 2019, 6:11am

I think, if someone tries to use beloved ownCloud for a purpose it was not made for, this is worth to discuss. Far better than adapting a “solution” with various hacks, ending up in another unsatisfied user.

Just my 2 cents.