Set user quota via LDAP attribute

antoniocaccese · April 30, 2025, 8:56am

I want to have the ability to assign different user quota values via an LDAP attribute. I searched the OCIS documentation but found nothing to do this. I’ve tried different attributes (even trying with AI) but none of them work.

Versione OCIS

I installed OCIS binary ocis-7.1.2-linux-amd64 and configured my VM and service following this setup: Bare Metal Deployment with systemd

Here is my ocis.env file

OCIS_INSECURE=true
#IDM_CREATE_DEMO_USERS=true
PROXY_HTTP_ADDR=0.0.0.0:9200
OCIS_URL=https://xxx.xxx.xxx.xxx:9200
OCIS_FORCE_CONFIG_OVERWRITE=true
OCIS_LOG_LEVEL=debug

#OCIS_SPACES_MAX_QUOTA=10737418240
#STORAGE_USERS_OCIS_MAX_QUOTA=10737418240

OCIS_DISABLE_VERSIONING=“true”

OCIS_CONFIG_DIR=/etc/ocis
OCIS_BASE_DATA_PATH=/var/lib/ocis

OCIS_LDAP_URI=“ldaps://xxxxxx”
OCIS_LDAP_INSECURE=“true”
OCIS_LDAP_BIND_DN=“cn=xxxxxx,cn=users,dc=xxxxxx,dc=local”
OCIS_LDAP_BIND_PASSWORD=“xxxxxx”
OCIS_LDAP_DISABLE_USER_MECHANISM=“none”
OCIS_LDAP_GROUP_BASE_DN=“dc=xxxxxx,dc=local”
OCIS_LDAP_GROUP_OBJECTCLASS=“group”
OCIS_LDAP_GROUP_SCHEMA_ID=“objectGUID”
OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING=“true”
OCIS_LDAP_GROUP_SCHEMA_GROUPNAME=“cn”
OCIS_LDAP_USER_BASE_DN=“dc=xxxxxx,dc=local”
OCIS_LDAP_USER_OBJECTCLASS=“user”
OCIS_LDAP_USER_SCHEMA_ID=“objectGUID”
OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING=“true”
OCIS_LDAP_USER_SCHEMA_USERNAME=“sAMAccountName”
OCIS_LDAP_USER_SCHEMA_QUOTA=“postofficebox”
OCIS_LDAP_LOGIN_ATTRIBUTES=“sAMAccountName”
IDP_LDAP_LOGIN_ATTRIBUTE=“sAMAccountName”
IDP_LDAP_UUID_ATTRIBUTE=“objectGUID”
IDP_LDAP_UUID_ATTRIBUTE_TYPE=binary
OCIS_LDAP_USER_ENABLED_ATTRIBUTE=title
OCIS_LDAP_SERVER_WRITE_ENABLED=false
OCIS_EXCLUDE_RUN_SERVICES=idm
OCIS_ADMIN_USER_ID=‘xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx’

GRAPH_LDAP_USER_QUOTA_ATTRIBUTE=postOfficeBox
OCIS_LDAP_USER_QUOTA_ATTRIBUTE=postOfficeBox
IDM_LDAP_USER_SCHEMA_QUOTA=postOfficeBox
GRAPH_SPACES_DEFAULT_QUOTA=1000
OCIS_LDAP_USER_SCHEMA_QUOTA=postOfficeBox

OCIS_DEFAULT_LANGUAGE=it

Actual behaviour

User quota is always unlimited.

Server configuration

Operating system: Ubuntu 24.04.2 LTS
ownCloud version: OCIS 7.1.2
User-backend: LDAP/ActiveDirectory

kobergj · May 5, 2025, 9:50am

Unfortunately this is not possible at the moment. Quotas on the personal spaces are always based on the user role (admin, spaceadmin, user, …) and not on the individual users.

It is however possible to assign roles to users via oidc claims and then adjust the quota for these roles. See Proxy Service Configuration :: Documentation for ownCloud (A Kiteworks Company) and Proxy Service Configuration :: Documentation for ownCloud (A Kiteworks Company) for more information about this.

antoniocaccese · May 8, 2025, 10:06pm

My goal is to ensure that by default all users have a quota of only 1MB. For some special users, at a later time, I want to be able to increase the quota, for example to 1, 2, 3, 5/10GB. Is there a way to achieve this in OCIS?

kobergj · May 9, 2025, 9:20am

Yes this is possible. See Proxy Service Configuration :: Documentation for ownCloud (A Kiteworks Company)

The default id for the user role in ocis is d7beeea8-8ff4-406b-8fb6-ab2dd81e6b11 so something like

role_quotas:
    d7beeea8-8ff4-406b-8fb6-ab2dd81e6b11: 1MB

in the proxy config should do the trick