Unable to unshare link if ldap user does not exist anymore #10446
Comments
|
GitMate.io thinks possibly related issues are #1470 (Avoid warning for non-existing LDAP users), #6990 (unshare link does not work), #3854 ("Resharing is not allowed" for LDAP users), #8454 (Sharees endpoint doesn't respect limit for ldap users), and #8500 (Unable to access CalDAV as LDAP authenticated user). |
|
@nextcloud/ldap please have a look |
|
@blizzz do we remove a share if the user does not exists in ldap? |
skjnldsv
added
0. Needs triage
|
When the delete process is done: https://docs.nextcloud.com/server/16/admin_manual/configuration_user/user_auth_ldap_cleanup.html |
|
So what is the status of this issue? |
|
In NC 15.0.5 this behavior does not occur anymore: It is possible to unshare a share of a user, which is deleted in LDAP, but still exists in Nextcloud. |
|
This issue has been automatically marked as stale because it has not had recent activity and seems to be missing some essential information. It will be closed if no further activity occurs. Thank you for your contributions. |
ghost
added
the
Steps to reproduce
-> Impossible, because the user / storage is not available.
Expected behaviour
User should always be able to unshare links, independent if the owner of a share is available or not.
Actual behaviour
User gets error message in browser, that the storage is currently not available.
Additional information
This behavior was noticed while installation and configuration of desktop client. It was impossible to synchronize because it runs into an error while retrieving all folders for synchronizing. After a look we noticed, that two folders get an error: The two shares of an user whose LDAP account was already deleted.
Server configuration
Operating system: Linux 9.4
Web server: Apache2
Database: mariaDB
PHP version: 7.0
Nextcloud version: (see Nextcloud admin page) 12.0.7
Updated from an older Nextcloud/ownCloud or fresh install: Update from 12.0.5
Where did you install Nextcloud from:
Signing status:
Signing status
No errors have been found.List of activated apps:
App list
Enabled:
Disabled:
Nextcloud configuration:
Config report
{
"system": {
"instanceid": "ocl3ir5nxzae",
"passwordsalt": "REMOVED SENSITIVE VALUE",
"secret": "REMOVED SENSITIVE VALUE",
"trusted_domains": [
"nextcloud.example.de",
"owncloud.example.de",
"cloud.example.de"
],
"trusted_proxies": [
"x.x.x.208",
"x.x.x.32"
],
"forwarded_for_headers": [
"HTTP_X_FORWARDED_FOR"
],
"overwritehost": "nextcloud.example.de",
"datadirectory": "/cloud-data",
"overwriteprotocol": "https",
"overwrite.cli.url": "https://nextcloud.example.de",
"logtimezone": "Europe/Berlin",
"default_language": "de_DE",
"allow_user_to_change_display_name": false,
"enable_avatars": true,
"filesystem_check_changes": 0,
"dbtype": "mysql",
"version": "12.0.7.1",
"dbname": "owncloud",
"dbhost": "cloud-db.example.de:3306",
"dbport": "",
"dbtableprefix": "oc_",
"mysql.utf8mb4": true,
"dbuser": "REMOVED SENSITIVE VALUE",
"dbpassword": "REMOVED SENSITIVE VALUE",
"installed": true,
"trashbin_retention_obligation": "30, auto",
"mail_domain": .example.de",
"mail_from_address": "no-reply",
"mail_smtpmode": "php",
"appstoreenabled": true,
"memcache.local": "\OC\Memcache\Redis",
"memcache.locking": "\OC\Memcache\Redis",
"memcache.distributed": "\OC\Memcache\Redis",
"redis": {
"host": "cloud-cache01.example.de",
"port": 6379,
"timeout": 0,
"dbindex": 0
},
"activity_expire_days": 180,
"updatechecker": false,
"theme": "thd",
"ldapIgnoreNamingRules": false,
"ldapProviderFactory": "\OCA\User_LDAP\LDAPProviderFactory",
"lost_password_link": "https://password.example.de/request",
"htaccess.RewriteBase": "/",
"defaultapp": "apporder",
"app.mail.accounts.default": {
"email": "%EMAIL%",
"imapHost": "mail.example.de",
"imapPort": 993,
"imapUser": "%EMAIL%",
"imapSslMode": "ssl",
"smtpHost": "smtp.example.de",
"smtpPort": 465,
"smtpUser": "%EMAIL%",
"smtpSslMode": "ssl"
},
"skeletondirectory": "/var/www/skeleton/",
"loglevel": 1,
"maintenance": false
}
}
Are you using external storage, if yes which one: No
Are you using encryption: no
Are you using an external user-backend, if yes which one: LDAP
LDAP configuration (delete this part if not used)
LDAP config
+-------------------------------+----------------------------------------------------------------------------------------+
| Configuration | |
+-------------------------------+----------------------------------------------------------------------------------------+
| hasMemberOfFilterSupport | |
| hasPagedResultSupport | |
| homeFolderNamingRule | |
| lastJpegPhotoLookup | 0 |
| ldapAgentName | uid=readonly,ou=special-users,dc=example,dc=de |
| ldapAgentPassword | *** |
| ldapAttributesForGroupSearch | |
| ldapAttributesForUserSearch | sn;givenName;uid;mail |
| ldapBackupHost | |
| ldapBackupPort | |
| ldapBase | dc=example,dc=de |
| ldapBaseGroups | ou=groups,dc=example,dc=de |
| ldapBaseUsers | ou=users,dc=example,dc=de |
| ldapCacheTTL | 600 |
| ldapConfigurationActive | 1 |
| ldapDefaultPPolicyDN | |
| ldapDynamicGroupMemberURL | |
| ldapEmailAttribute | mail |
| ldapExperiencedAdmin | 1 |
| ldapExpertUUIDGroupAttr | cn |
| ldapExpertUUIDUserAttr | uid |
| ldapExpertUsernameAttr | |
| ldapGidNumber | gidNumber |
| ldapGroupDisplayName | cn |
| ldapGroupFilter | (&(|(objectclass=groupOfUniqueNames))(!(cn=studenten*))) |
| ldapGroupFilterGroups | |
| ldapGroupFilterMode | 1 |
| ldapGroupFilterObjectclass | groupOfUniqueNames |
| ldapGroupMemberAssocAttr | uniqueMember |
| ldapHost | ldaps://idm-auth.example.de |
| ldapIgnoreNamingRules | |
| ldapLoginFilter | (uid=%uid) |
| ldapLoginFilterAttributes | |
| ldapLoginFilterEmail | 0 |
| ldapLoginFilterMode | 1 |
| ldapLoginFilterUsername | 1 |
| ldapNestedGroups | 0 |
| ldapOverrideMainServer | 0 |
| ldapPagingSize | 500 |
| ldapPort | 636 |
| ldapQuotaAttribute | |
| ldapQuotaDefault | |
| ldapTLS | |
| ldapUserDisplayName | mail |
| ldapUserDisplayName2 | |
| ldapUserFilter | (&(objectclass=inetOrgPerson)(mail=)(!(mail=@example.edu))(!(mail=*@example.com))) |
| ldapUserFilterGroups | |
| ldapUserFilterMode | 1 |
| ldapUserFilterObjectclass | inetOrgPerson |
| ldapUuidGroupAttribute | auto |
| ldapUuidUserAttribute | auto |
| turnOffCertCheck | 0 |
| turnOnPasswordChange | 0 |
| useMemberOfToDetectMembership | 1 |
+-------------------------------+----------------------------------------------------------------------------------------+
Client configuration
Browser: FF
Operating system: Windows 10
Logs
Web server error log
Web server error log
x.x.x.29 - userB [26/Jul/2018:14:12:33 +0200] "GET /remote.php/dav/files/userB/Forschungsbericht%202017-druckversion-final.pdf HTTP/1.1" 500 830 "-" "Mozilla/5.0 (Windows) mirall/2.4.2 (build 10040)"
Nextcloud log (data/nextcloud.log)
Nextcloud log
{"reqId":"gH52gS0bvgxywoKIVETV","level":3,"time":"2018-07-26T14:12:33+02:00","remoteAddr":"x.x.x.29","user":"userB","app":"files","method":"GET","url":"/remote.php/dav/files/userB/Forschungsbericht%202017-druckversion-final.pdf","message":" Backends provided no user object for userA","userAgent":"Mozilla/5.0 (Windows) mirall/2.4.2 (build 10040)","version":"12.0.7.1"}
Browser log
Browser log
The text was updated successfully, but these errors were encountered: