-
-
Notifications
You must be signed in to change notification settings - Fork 4.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
User deletion fails in some circumstances #4375
Comments
We don't support that usually. If the LDAP app detects this case it appends a number to the user name. Deleting LDAP users in general is not possible.
This happens, because the LDAP now can create the user with that name. I would say this is intended behaviour, right @blizzz ? |
Steps: This is intended behaviour? |
|
with step 3: local user is identified in Nextcloud by "first.lastname" and LDAP user by "$UUID" (e.g. 'fcb098f0-850a-40d3-9428-0342d90d5aea') with step 8 and "accidentally, possibly had set matching local auth password": if the loginname and password are the same, then the first backend that can authenticate the user will do so. IIRC local backend is always tried first. → LDAP user was never authenticated. Next login attempt succeeds with LDAP Backend and also has a new folder. What is the issue now? |
The LDAP account had already logged in and created its folder and had content. Non-LDAP account had some minor test content. LDAP account was in admin group, non-LDAP wasn't. Non-LDAP account was deleted, and got recreated during login. |
How do you know it was recreated? The user folder is no indicator for this AFAIK. |
The previous folder and contents were deleted; in addition by coincidence a sys admin was accessing the server doing documentation and had a folder listing without the first.lastname folder, which then reappeared, but as a clean "new user" folder set.. |
This could also mean, that the LDAP user created this. Could you check the oc_users table, because I doubt, that a user is re-created. |
The LDAP user folders are named with the UID and existed prior to the local user of the same (login/real) name. |
Anyways: is the user then also listen in |
@rullzer @icewind1991 This weird "user is deleted but folder is created again" sounds maybe also like a session that is still active. 🤔 |
As there is no feedback since a while I will close this ticket. If this is still happening please make sure to upgrade to the latest version. After that, feel free to reopen. |
Steps to reproduce
Expected behaviour
User account should be deleted
Actual behaviour
User account appears to be deleted but reappears later
Server configuration
Operating system: Ubuntu 16.04, all official repo installation apart from NC
Web server:: Apache
Database: Postgres
PHP version: 7
Nextcloud version: 11.01, updated from 10(ish?)
Where did you install Nextcloud from: tgz from official
Are you using an external user-backend, if yes which one: LDAP (Samba 4) - but the user account in question was a local test account with the same "real name" (login name, but not UID) as an LDAP account, and this may be the unique circumstance - it also seems that the end user was logged in with their new (in admin group) LDAP account at around the same time as the deletion and added the wrong version of themselves to a new group they created.
However, by a lucky coincidence the server was being accessed by CLI for the purposes of illustrating to tech staff how the files were stored, so we know the local account had been deleted insofar as the related user folder was not there. The user folder was recreated with a set from new user template when the end user accidentally logged in with the old user/pass combination.
The text was updated successfully, but these errors were encountered: