Steps to reproduce
- Fresh install on Owncloud
- Setup LDAP working with AD
- Add external storage support
- Configure storage with SMB personal to only be available for certain AD groups
- Verify when use logs in that the share is showing available in All Files
Expected behaviour
Have LDAP authenticating correctly in User Authentication and I am mounting using SMB Personal and verifying permissions using AD groups. The expected behavior would be that when a user logs in, if they are apart of the AD group the external share mounts to their all files folder, and if not it doesn’t.
Actual behaviour
Instead the Storage tab will say that the “External mount has been added successfully”, but will not mount to users all files folder. If I remove the AD group in the “Available For” field it will mount correctly in the users all files, but also for everyone else.
Server configuration
Operating system:
Ubuntu 22.04.3 LTS
Web server:
ownCloud 10.13.1 (stable)
Database:
mysql-common 5.8+1.0.8
PHP version:
7.4.33-8
ownCloud version: (see ownCloud admin page)
ownCloud 10.13.1 (stable)
Updated from an older ownCloud or fresh install:
Fresh install
Where did you install ownCloud from:
Ubuntu 22.04 installation in Owncloud Admin guide
Signing status (ownCloud 9.0 and above):
yes
Login as admin user into your ownCloud and access
http://example.com/index.php/settings/integrity/failed
paste the results into https://gist.github.com/ and puth the link here.
No errors have been found.
The content of config/config.php:
<?php $CONFIG = array ( 'passwordsalt' => '', 'secret' => '', 'trusted_domains' => array ( 0 => 'localhost', 1 => '', 2 => '', ), 'datadirectory' => '/var/www/owncloud/data', 'overwrite.cli.url' => 'http://localhost', 'dbtype' => 'mysql', 'version' => '10.13.1.3', 'dbname' => '', 'dbconnectionstring' => '', 'dbhost' => 'localhost', 'dbtableprefix' => '', 'mysql.utf8mb4' => true, 'dbuser' => '', 'dbpassword' => '', 'allow_user_to_change_mail_address' => '', 'logtimezone' => 'UTC', 'apps_paths' => array ( 0 => array ( 'path' => '/var/www/owncloud/apps', 'url' => '/apps', 'writable' => false, ), 1 => array ( 'path' => '/var/www/owncloud/apps-external', 'url' => '/apps-external', 'writable' => true, ), ), 'installed' => true, 'instanceid' => '', 'memcache.local' => '\\OC\\Memcache\\APCu', 'memcache.locking' => '\\OC\\Memcache\\Redis', 'redis' => array ( 'host' => '127.0.0.1', 'port' => '6379', ), 'ldapIgnoreNamingRules' => false, 'mail_domain' => '', 'mail_from_address' => '', 'mail_smtpmode' => '', 'mail_smtpsecure' => '', 'mail_smtpauthtype' => '', 'mail_smtpauth' => , 'mail_smtphost' => '', 'mail_smtpport' => '', 'loglevel' => 0, ); ``` **List of activated apps:** ``` If you have access to your command line run e.g.: sudo -u www-data php occ app:list from within your ownCloud installation folder. ``` Enabled: - announcementcenter: - Version: 1.2.2 - Path: /var/www/owncloud/apps/announcementcenter - comments: - Version: 0.3.0 - Path: /var/www/owncloud/apps/comments - configreport: - Version: 0.2.2 - Path: /var/www/owncloud/apps/configreport - dav: - Version: 0.7.0 - Path: /var/www/owncloud/apps/dav - diagnostics: - Version: 0.2.0 - Path: /var/www/owncloud/apps/diagnostics - duo: - Version: 2.5.2 - Path: /var/www/owncloud/apps/duo - federatedfilesharing: - Version: 0.5.0 - Path: /var/www/owncloud/apps/federatedfilesharing - files: - Version: 1.6.0 - Path: /var/www/owncloud/apps/files - files_antivirus: - Version: 1.2.2 - Path: /var/www/owncloud/apps/files_antivirus - files_external: - Version: 0.9.0 - Path: /var/www/owncloud/apps/files_external - files_mediaviewer: - Version: 1.0.5 - Path: /var/www/owncloud/apps/files_mediaviewer - files_pdfviewer: - Version: 1.0.1 - Path: /var/www/owncloud/apps/files_pdfviewer - files_texteditor: - Version: 2.6.0 - Path: /var/www/owncloud/apps/files_texteditor - files_trashbin: - Version: 0.9.1 - Path: /var/www/owncloud/apps/files_trashbin - files_versions: - Version: 1.3.0 - Path: /var/www/owncloud/apps/files_versions - firstrunwizard: - Version: 1.3.0 - Path: /var/www/owncloud/apps/firstrunwizard - market: - Version: 0.8.0 - Path: /var/www/owncloud/apps/market - notifications: - Version: 0.6.0 - Path: /var/www/owncloud/apps/notifications - provisioning_api: - Version: 0.5.0 - Path: /var/www/owncloud/apps/provisioning_api - systemtags: - Version: 0.3.0 - Path: /var/www/owncloud/apps/systemtags - templateeditor: - Version: 0.4.0 - Path: /var/www/owncloud/apps/templateeditor - user_external: - Version: 0.6.0 - Path: /var/www/owncloud/apps/user_external - user_ldap: - Version: 0.18.0 - Path: /var/www/owncloud/apps/user_ldap **Are you using external storage, if yes which one:** local/smb/sftp/... yes, \OCA\Files_External\Lib\Storage\SMB **Are you using encryption:** yes/no yes **Are you using an external user-backend, if yes which one:** LDAP/ActiveDirectory/Webdav/... LDAP #### LDAP configuration (delete this part if not used) ``` With access to your command line run e.g.: sudo -u www-data php occ ldap:show-config from within your ownCloud installation folder +-------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Configuration | | +-------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | hasMemberOfFilterSupport | 1 | | hasPagedResultSupport | | | homeFolderNamingRule | | | lastJpegPhotoLookup | 0 | | ldapAgentName | | | ldapAgentPassword | | ldapAttributesForGroupSearch | | | ldapAttributesForUserSearch | | | ldapBackupHost | | | ldapBackupPort | | | ldapBase | | | ldapBaseGroups | | | ldapBaseUsers | | | ldapCacheTTL | 600 | | ldapConfigurationActive | 1 | | ldapDynamicGroupMemberURL | | | ldapEmailAttribute | mail | | ldapExperiencedAdmin | 0 | | ldapExpertGroupnameAttr | | | ldapExpertUUIDGroupAttr | | | ldapExpertUUIDUserAttr | objectguid | | ldapExpertUsernameAttr | SamAccountName | | ldapGroupDisplayName | cn | | ldapGroupFilter | | | ldapGroupFilterGroups | | | ldapGroupFilterMode | 1 | | ldapGroupFilterObjectclass | | | ldapGroupMemberAlgo | groupScan | | ldapGroupMemberAssocAttr | member | | ldapHost | | | ldapIgnoreNamingRules | | | ldapLoginFilter | | | ldapLoginFilterAttributes | | | ldapLoginFilterEmail | 0 | | ldapLoginFilterMode | 1 | | ldapLoginFilterUsername | 1 | | ldapNestedGroups | 1 | | ldapNetworkTimeout | 15 | | ldapOverrideMainServer | | | ldapPagingSize | 500 | | ldapPort | | ldapQuotaAttribute | | | ldapQuotaDefault | | | ldapTLS | 0 | | ldapUserDisplayName | cn | | ldapUserDisplayName2 | | | ldapUserFilter | | | ldapUserFilterGroups | | | ldapUserFilterMode | 1 | | ldapUserFilterObjectclass | person | | ldapUserName | samaccountname | | ldapUuidGroupAttribute | auto | | ldapUuidUserAttribute | auto | | turnOffCertCheck | 0 | | useMemberOfToDetectMembership | 1 ``` ### Client configuration **Browser:** chrome **Operating system:** Windows 10 ### Logs #### Web server error log ``` No error ``` #### ownCloud log (data/owncloud.log) ``` {"reqId":"","level":0,"time":"2023-10-23T15:03:12+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/ocs\/v2.php\/apps\/notifications\/api\/v1\/notifications?format=json","message":"token with token id 15 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:12+00:00","remoteAddr":"","user":"","app":"OC\\Authentication\\Token\\DefaultTokenProvider::updateTokenActivity","method":"GET","url":"\/ocs\/v2.php\/apps\/notifications\/api\/v1\/notifications?format=json","message":"updating activity of token 15 to 1698073392"} {"reqId":"","level":0,"time":"2023-10-23T15:03:12+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/ocs\/v2.php\/apps\/notifications\/api\/v1\/notifications?format=json","message":"token with token id 15 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:17+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"PUT","url":"\/index.php\/apps\/files_external\/globalstorages\/7","message":"token with token id 15 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:17+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"PUT","url":"\/index.php\/apps\/files_external\/globalstorages\/7","message":"token with token id 15 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:17+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"PUT","url":"\/index.php\/apps\/files_external\/globalstorages\/7","message":"token with token id 15 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:21+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/index.php\/logout?requesttoken=","message":"token with token id 15 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:21+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/index.php\/logout?requesttoken=","message":"token with token id 15 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:21+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/index.php\/logout?requesttoken=","message":"token with token id 15 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:21+00:00","remoteAddr":"","user":"","app":"OC\\Authentication\\Token\\DefaultTokenProvider::invalidateToken","method":"GET","url":"\/index.php\/logout?requesttoken=","message":"invalidating token "} {"reqId":"","level":0,"time":"2023-10-23T15:03:21+00:00","remoteAddr":"","user":"--","app":"OC\\Authentication\\Token\\DefaultTokenProvider::invalidateToken","method":"GET","url":"\/index.php\/login","message":"invalidating token "} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"--","app":"OC\\User\\Session::login","method":"POST","url":"\/index.php\/login","message":"regenerating session id for uid , password set"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"--","app":"OC\\User\\Session::validateToken","method":"POST","url":"\/index.php\/login","message":"token , not found"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"--","app":"user_ldap","method":"POST","url":"\/index.php\/login","message":"Abandoning paged search - last cookie: '', cookies: <>"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"--","app":"user_ldap","method":"POST","url":"\/index.php\/login","message":"Page response cookie '' at -0, estimated<0>"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"--","app":"user_ldap","method":"POST","url":"\/index.php\/login","message":"Abandoning paged search - last cookie: '', cookies: <''>"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"--","app":"user_ldap","method":"POST","url":"\/index.php\/login","message":"No LDAP quota attribute configured"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"--","app":"user_ldap","method":"POST","url":"\/index.php\/login","message":"No LDAP quota default configured"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"--","app":"user_ldap","method":"POST","url":"\/index.php\/login","message":"using quota <> for user <>"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"--","app":"user_ldap","method":"POST","url":"\/index.php\/login","message":"No LDAP quota attribute configured"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"--","app":"user_ldap","method":"POST","url":"\/index.php\/login","message":"No LDAP quota default configured"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"--","app":"user_ldap","method":"POST","url":"\/index.php\/login","message":"using quota <> for user <>"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"--","app":"core","method":"POST","url":"\/index.php\/login","message":"OC\\Authentication\\LoginPolicies\\GroupLoginPolicy policy registered"} {"reqId":"","level":1,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"--","app":"OC\\User\\Session::loginInOwnCloud","method":"POST","url":"\/index.php\/login","message":"login using \"password\" login type"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"","app":"OC\\Authentication\\Token\\DefaultTokenProvider::generateToken","method":"POST","url":"\/index.php\/login","message":"generating token , uid , loginName , pwd set, name Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/118.0.0.0 Safari\/537.36, type temporary"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/index.php\/apps\/files\/","message":"token with token id 16 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/index.php\/apps\/files\/","message":"token with token id 16 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/index.php\/apps\/files\/","message":"token with token id 16 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/index.php\/core\/js\/oc.js?v=0fc0eb1e728bf1e19cb4057d5f0e8f59","message":"token with token id 16 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/index.php\/core\/js\/oc.js?v=0fc0eb1e728bf1e19cb4057d5f0e8f59","message":"token with token id 16 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/index.php\/core\/js\/oc.js?v=0fc0eb1e728bf1e19cb4057d5f0e8f59","message":"token with token id 16 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/index.php\/core\/js\/oc.js?v=0fc0eb1e728bf1e19cb4057d5f0e8f59","message":"token with token id 16 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/ocs\/v2.php\/apps\/notifications\/api\/v1\/notifications?format=json","message":"token with token id 16 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/ocs\/v2.php\/apps\/notifications\/api\/v1\/notifications?format=json","message":"token with token id 16 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"PROPFIND","url":"\/remote.php\/dav\/files\/\/","message":"token with token id 16 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/index.php\/avatar\/\/28","message":"token with token id 16 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/index.php\/avatar\/\/28","message":"token with token id 16 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/index.php\/avatar\/\/28","message":"token with token id 16 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/index.php\/apps\/files\/ajax\/getstoragestats.php?dir=%2F","message":"token with token id 16 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/index.php\/apps\/files\/ajax\/getstoragestats.php?dir=%2F","message":"token with token id 16 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/index.php\/apps\/files\/ajax\/getstoragestats.php?dir=%2F","message":"token with token id 16 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/index.php\/avatar\/\/28","message":"token with token id 16 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/index.php\/avatar\/\/28","message":"token with token id 16 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/index.php\/avatar\/\/28","message":"token with token id 16 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/ocs\/v1.php\/apps\/files_external\/api\/v1\/mounts?format=json","message":"token with token id 16 found, validating"} {"reqId":"","level":0,"time":"2023-10-23T15:03:29+00:00","remoteAddr":"","user":"","app":"OC\\User\\Session::validateToken","method":"GET","url":"\/ocs\/v1.php\/apps\/files_external\/api\/v1\/mounts?format=json","message":"token with token id 16 found, validating"}