Exclude groups from sharing

10

#1

Steps to reproduce

1.
2.
3.

Expected behaviour

Tell us what should happen

Actual behaviour

Tell us what happens instead

Server configuration

Operating system:

Web server:

Database:

PHP version:

ownCloud version: (see ownCloud admin page)

Updated from an older ownCloud or fresh install:

Where did you install ownCloud from:

Signing status (ownCloud 9.0 and above):

Login as admin user into your ownCloud and access 
http://example.com/index.php/settings/integrity/failed 
paste the results into https://gist.github.com/ and puth the link here.

The content of config/config.php:

Log in to the web-UI with an administrator account and click on
'admin' -> 'Generate Config Report' -> 'Download ownCloud config report'
This report includes the config.php settings, the list of activated apps
and other details in a well sanitized form.

or 

If you have access to your command line run e.g.:
sudo -u www-data php occ config:list system
from within your ownCloud installation folder

*ATTENTION:* Do not post your config.php file in public as is. Please use one of the above
methods whenever possible. Both, the generated reports from the web-ui and from occ config:list
consistently remove sensitive data. You still may want to review the report before sending.
If done manually then it is critical for your own privacy to dilligently
remove *all* host names, passwords, usernames, salts and other credentials before posting.
You should assume that attackers find such information and will use them against your systems.

List of activated apps:

If you have access to your command line run e.g.:
sudo -u www-data php occ app:list
from within your ownCloud installation folder.

Are you using external storage, if yes which one: local/smb/sftp/...

Are you using encryption: yes/no

Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/...

LDAP configuration (delete this part if not used)

With access to your command line run e.g.:
sudo -u www-data php occ ldap:show-config
from within your ownCloud installation folder

Without access to your command line download the data/owncloud.db to your local
computer or access your SQL server remotely and run the select query:
SELECT * FROM `oc_appconfig` WHERE `appid` = 'user_ldap';


Eventually replace sensitive data as the name/IP-address of your LDAP server or groups.

Client configuration

Browser:

Operating system:

Logs

Web server error log

Insert your webserver log here

ownCloud log (data/owncloud.log)

Insert your ownCloud log here

Browser log

Insert your browser log here, this could for example include:

a) The javascript console log
b) The network log 
c) ...

#2

Hi,

what is your question?


#3

Hi,

I would like to use exclude groups from sharing with AD groups.
It works with local group create but not with AD groups.


#4

You can just exclude this groups from being included in ownCloud in the LDAP Server settings group configurations in ownCloud


#5

I just use one group for test.
AD Group is in the LDAP settings group configurations. When I use groups in the settings users, I can show users on this group and I can select this when I want to exclude from sharing.
But not way, I can share files or directories with these users.
So I try to add these users to another local group of owncloud, exclude this group from sharing and now users can't share.


#6

I still don't quite know what you are trying to achieve but you can prevent sharing with custom groups, if you enable the option "restrict users from sharing with users outside of group"
Or you can, in the groups option of the LDAP server settings, select "Just this groups", and select those that you want to share with, leave the other ones unselected, so the users can't share with them.


#7

Thank you for the feedback. I use the other way with other options of groups settings and I succeded to share only selected users.


#8

Well, if your way works for you then I am glad to hear that.


#9

I take a mistake, I want to share with some users in other group. The only way is to use exclude groups from sharing.
If I can map AD group to local group owncloud, I succeded.


#10

Hi,

I am sorry but I still don't understand you.

What language are you comfortable in writing other than English?


#11

Hi,

I am sorry my English, I'm French :slight_smile:
Finally, I have updated db with mysql command insert into ... to use local group "noshare"

I want to use owncloud for a school, then I want to exclude students from sharing and teachers no.


#12

Should teachers and students interact in any way?

If not you could set up 2 separate ownClouds