Add LDAP Users Manually for Immediate Sharing
In a default Nextcloud + LDAP setup, user accounts are only created in the internal Nextcloud database after their first login. This means that even if a user exists in LDAP, they cannot receive shared files or folders until they have logged in at least once—or are manually synchronized.
To make LDAP users available for sharing without requiring initial login, follow these steps:
1. Search for the User in LDAP
Check if the user exists in the configured LDAP directory:
docker exec -u www-data nextcloud-application php occ ldap:search <username>
If the user is found, proceed to the next step.
2. Create the User in Nextcloud from LDAP
Manually trigger a sync to register the user in the Nextcloud database:
docker exec -u www-data nextcloud-application php occ ldap:check-user --update <username>
Example:
docker exec -u www-data nextcloud-application php occ ldap:check-user --update viktoriakaffanke
Once executed, the user becomes fully available in the system—for sharing, group membership, and permissions—even without logging in.
3. Synchronize All Known Users (Optional)
To synchronize account data (display name, mail address, group memberships, etc.) for all users currently known to Nextcloud:
docker exec -u www-data nextcloud-application php occ user:sync-account-data
This step is especially useful after modifying LDAP attributes or group memberships, ensuring up-to-date data in the Nextcloud UI and permission system.
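Steps 1 and 2 applied to a list of usernames, as an added example that is not part of the original page. It validates each entry before it reaches `occ`, so a list line can never be parsed as an option or carry LDAP filter characters. Assumptions: `OCC_RUNNER` is a hypothetical override variable, the allowed character set is a guess to adapt to your directory, and `occ` is assumed to exit non-zero when a step fails.

```shell
#!/bin/sh
# Added example: steps 1 and 2 of this page applied to a list of usernames.
# The occ commands and container name are the ones shown on this page.
# OCC_RUNNER is a hypothetical override (not a Nextcloud setting) so the
# script can target another container or be dry-run with OCC_RUNNER=echo.
OCC_RUNNER="${OCC_RUNNER:-docker exec -u www-data nextcloud-application php occ}"

# Accept only plain account names, so a list entry can never reach occ as an
# option (e.g. "--force") or carry LDAP filter characters such as * ( ) \ .
# The allowed character set is an assumption; match it to your directory.
valid_username() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9._@-]*) return 1 ;;
    esac
    return 0
}

# Returns 0 = synced, 1 = an occ step failed, 2 = rejected before any occ call.
# Assumes occ exits non-zero when a step fails.
provision_user() {
    if ! valid_username "$1"; then
        echo "REJECT  $1" >&2
        return 2
    fi
    $OCC_RUNNER ldap:search "$1" || { echo "FAIL    $1 (search)" >&2; return 1; }
    $OCC_RUNNER ldap:check-user --update "$1" || { echo "FAIL    $1 (sync)" >&2; return 1; }
    echo "SYNCED  $1"
}

# Reads one username per line; blank lines and "#" comments are skipped.
# Returns the number of entries that were rejected or failed.
provision_list() {
    failures=0
    while IFS= read -r name || [ -n "$name" ]; do
        case "$name" in ''|'#'*) continue ;; esac
        # </dev/null keeps the occ call from consuming the rest of the list.
        provision_user "$name" </dev/null || failures=$((failures + 1))
    done < "$1"
    return "$failures"
}

# Usage: ./provision-ldap-users.sh users.txt
if [ "$#" -ge 1 ]; then
    provision_list "$1"
fi
```

Run with `OCC_RUNNER=echo` first to review the exact `occ` calls that would be issued for a given list.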