I have a problem… I want to provide a Nextcloud instance where users authenticate via LDAP.
Currently every user that has ever been created in our LADP is listed and so the login would be possible. For important reasons, we cannot simply delete expired accounts from our LDAP. Therefore, there are many remaining entries.
After searching the internet for some time, I noticed that Nextcloud does not take the shadowExpire attribute into account.
It would be nice if someone had a solution for me
Now my solution would be to add a filter to the LDAP search which only displays users who have not expired according to shadowExpire. Something like “shadowExpire=0” does not work.
Unfortunately, I am not experienced enough to create my own search string.
This doesn’t look like a programming problem to me, but like a configuration one. Try Super User, maybe?