===== IServ an Nextcloud anbinden (LDAP) ===== Zunächst muss man auf dem IServ den LDAP-Zugriff [[https://wiki.mzclp.de/doku.php?id=anleitung:iservmoodleldap#ldap_auf_dem_iserv_vorbereiten|vorbereiten]]. Das mitgelieferte Plugin von Nextcloud schreibt leider ungeeignete Daten in die Nextcloud-Datenbank, so dass man z.B. mit phpmyadmin manuell Werte in die Datenbank schreiben muss. Die relevanten Einträge befinden sich in der Tabelle //oc_appconfig// und besitzen in der Spalte //appid// den Eintrag //user_ldap//. | @#F61303:**Datenbankfeld** | @#F61303:**Wert** | @#F61303:**Kommentar** | | cleanUpJobOffset | 100 | | | @lightgrey:enabled | @lightgrey:yes | @lightgrey: | | installed_version | 1.8.0 | | | @lightgrey:s01_lastChange | @lightgrey:1606067775 | @lightgrey: | | s01has_memberof_filter_support | 1 | | | @lightgrey:s01home_folder_naming_rule | @lightgrey: | @lightgrey: | | s01last_jpegPhoto_lookup | 0 | | | @lightgrey:s01ldap_agent_password | @lightgrey:HIERSTEHTEINSICHERESPASSWORT | @lightgrey: | | s01ldap_attributes_for_group_search | | | | @lightgrey:s01ldap_attributes_for_user_search | @lightgrey: | @lightgrey: | | s01ldap_backup_host | | | | @lightgrey:s01ldap_backup_port | @lightgrey: | @lightgrey: | | s01ldap_base | dc=schule,dc=tld | | | @lightgrey:s01ldap_base_groups | @lightgrey:dc=schule,dc=tld | @lightgrey: | | s01ldap_base_users | dc=schule,dc=tld | | | @lightgrey:s01ldap_cache_ttl | @lightgrey:600 | @lightgrey: | | s01ldap_configuration_active | 1 | | | @lightgrey:s01ldap_default_ppolicy_dn | @lightgrey: | @lightgrey: | | s01ldap_display_name | gecos | | | @lightgrey:s01ldap_dn | @lightgrey:cn=nextcloud,ou=ldap,dc=schule,dc=tld | @lightgrey: | | s01ldap_dynamic_group_member_url | | | | @lightgrey:s01ldap_email_attr | @lightgrey:mail | @lightgrey: | | s01ldap_experienced_admin | 0 | | | @lightgrey:s01ldap_expert_username_attr | @lightgrey: | @lightgrey: | | s01ldap_expert_uuid_group_attr | | | | @lightgrey:s01ldap_expert_uuid_user_attr | @lightgrey: | @lightgrey: | | s01ldap_ext_storage_home_attribute | | | | @lightgrey:s01ldap_gid_number | @lightgrey:gidNumber | @lightgrey: | | s01ldap_group_display_name | cn | | | @lightgrey:s01ldap_group_filter | @lightgrey:%%(&(|(objectclass=posixGroup))(|(cn=GRUPPE)(cn=GRUPPE)(cn=GRUPPE)(cn=GRUPPE)))%% | @lightgrey: | | s01ldap_group_filter_mode | 1 | | | @lightgrey:s01ldap_group_member_assoc_attribute | @lightgrey:memberUid | @lightgrey: | | s01ldap_groupfilter_groups | GRUPPE | | | @lightgrey:s01ldap_groupfilter_objectclass | @lightgrey:posixGroup | @lightgrey: | | s01ldap_host | %%ldaps://schule.tld%% | | | @lightgrey:s01ldap_login_filter | @lightgrey:%%(&(|(memberof=cn=GRUPPE,ou=groups,dc=MEIN-ISERV,dc=de)(memberof=cn=NOCHEINEGRUPPE,ou=groups,dc=MEIN-ISERV,dc=de)(memberof=cn=WEITEREGRUPPE,ou=groups,dc=MEIN-ISERV,dc=de))(uid=%uid))%% | @lightgrey: | | s01ldap_login_filter_mode | 1 | | | @lightgrey:s01ldap_loginfilter_attributes | @lightgrey: | @lightgrey: | | s01ldap_loginfilter_email | 0 | | | @lightgrey:s01ldap_loginfilter_username | @lightgrey:1 | @lightgrey: | | s01ldap_nested_groups | 0 | | | @lightgrey:s01ldap_override_main_server | @lightgrey: | @lightgrey: | | s01ldap_paging_size | 500 | | | @lightgrey:s01ldap_port | @lightgrey:10636 | @lightgrey: | | s01ldap_quota_attr | | | | @lightgrey:s01ldap_quota_def | @lightgrey: | @lightgrey: | | s01ldap_tls | 0 | | | @lightgrey:s01ldap_turn_off_cert_check | @lightgrey:0 | @lightgrey: | | s01ldap_turn_on_pwd_change | 0 | | | @lightgrey:s01ldap_user_avatar_rule | @lightgrey:default | @lightgrey: | | s01ldap_user_display_name_2 | | | | @lightgrey:s01ldap_user_filter_mode | @lightgrey:1 | @lightgrey: | | s01ldap_userfilter_groups | GRUPPE | | @lightgrey:s01ldap_userfilter_objectclass | @lightgrey: | @lightgrey: | | s01ldap_userlist_filter | %%(|(memberof=cn=GRUPPE,ou=groups,dc=schule,dc=tld)(memberof=cn=GRUPPE,ou=groups,dc=schule,dc=tld)(memberof=cn=GRUPPE,ou=groups,dc=MEIN-ISERV,dc=de))%% | | @lightgrey:s01use_memberof_to_detect_membership | @lightgrey:1 | @lightgrey: | | types | authentication |