Disable ldap authentication

I use the LDAP Integration App for user authentication with my owncloud. It’s working but I don’t want to use it anymore. I would like to change my users with LDAP authentification to normal backend users where I can set the password manually. How do I do that? I won’t let me simply take them out of the group ‘LDAP’ and when I disable the LDAP Integration App, I’m not allowed to change the passwords of the users.

Does anybody know how to convert an LDAP-user to a BACKEND-user?

This is a really old post but given that I found it when I was trying to do exactly that, I’ll leave here my solution.

There doesn’t seem to be an official/supported way to do it, but it is possible by updating the database.

First, connect to the db (mariadb in my case):
mysql owncloud -u owncloud -p

Then you’ll have to create a record in the oc_users table. (Note that the oc prefix might be different depending on your configuration).

insert into oc_users
select user_id, display_name, ''
from oc_accounts where backend like '%User_LDAP%';

I’ve chosen to create an empty password, which means all users will have to change theirs before being able to log in.

Finally, change the backend of those users from LDAP to Database:

update oc_accounts set backend='OC\\User\\Database' where backend like '%User_LDAP%';

And that’s it. The downside is that the userid will remain the gibberish uid from ldap but luckily that uid is not displayed anywhere if you have a display name and it is possible to log in with the email address instead of the user.

I don’t recommend attempting to change the user id, it is present in too many tables and logs and it appears the shared folders get lost when changed.

What I do recommend is to try this on a dev environment before attempting to do it in production. My deployment uses Docker and it is quite easy to recover in case of mayhem, as long as you have a backup of the database. It might also be good to go into maintenance mode before tinkering with the database.

1 Like