Can you try this:
snap run nextcloud.psql -c "select * from oc_ldap_group_membership"
This changed in v29.
Also this:
snap run nextcloud.psql -c "select * from oc_ldap_group_mapping"
And this:
snap run nextcloud.occ group:info admin
One more:
snap run nextcloud.occ user:info trevor
snap run nextcloud.psql -c "select * from oc_ldap_group_membership"
id | groupid | userid
----+---------+--------
2 | alex | alex
3 | abtuse | alex
4 | abtuse | brian
5 | abtuse | bruce
6 | abtuse | henry
7 | abtuse | scott
9 | brian | brian
10 | bruce | bruce
11 | danny | danny
12 | henry | henry
13 | sarah | sarah
14 | scott | scott
(12 rows)
snap run nextcloud.psql -c "select * from oc_ldap_group_mapping"
snap run nextcloud.psql -c "select * from oc_ldap_group_mapping"
owncloud_name | ldap_dn | directory_uuid | ldap_dn_hash
---------------+------------------------------------------+--------------------------------------+------------------------------------------------------------------
alex | cn=alex,ou=groups,dc=syncloud,dc=org | 819f3618-d234-103e-9e7e-552073deadc2 | 6a60e17d2543a3a6e93676b7898e964b9695c2f7a6e1dde854794d186f608205
brian | cn=brian,ou=groups,dc=syncloud,dc=org | dcb10978-d234-103e-9e81-552073deadc2 | aa08486944bd66c3424c26c1a30b2504d82ee7afb0648693e22ce17084417f73
bruce | cn=bruce,ou=groups,dc=syncloud,dc=org | ed689b46-d234-103e-9e83-552073deadc2 | 066e572295c0778d864b7145a33e1c051f114b2572cb3a5e2fb135b129e7f772
danny | cn=danny,ou=groups,dc=syncloud,dc=org | 022d4f36-d235-103e-9e85-552073deadc2 | e860edba60ea8b63a39ceb04fb0d31ddcfa81fb22b438f309f73924241e5ba4e
henry | cn=henry,ou=groups,dc=syncloud,dc=org | 190a66f8-d235-103e-9e87-552073deadc2 | 4c863f623b5b2a3931016028fc65b2a5e410e35f93301b2876920cd6f2c30e00
sarah | cn=sarah,ou=groups,dc=syncloud,dc=org | 35fe65e8-d235-103e-9e89-552073deadc2 | 9ea3d167779a9513536a15f55ac308bb78299b4b6db1d4936ca6b33f4457d1a8
scott | cn=scott,ou=groups,dc=syncloud,dc=org | 5897b794-d235-103e-9e8b-552073deadc2 | 3f65d32297c5a526e2f5ce08abff084d072d09d70359b3326dda702989ef4d6d
abtuse | cn=abtuse,ou=groups,dc=syncloud,dc=org | bced903e-d234-103e-9e80-552073deadc2 | e4917328e79527f8c2293ca8375ce19092433f5fadaea3014074c71f2cda19b5
admin | cn=syncloud,ou=groups,dc=syncloud,dc=org | 5c228aae-d147-103e-9917-353e2aed4c26 | aac22646179b2b187a05c325be3431b95e39ef12a19def4ad4ea2e3aa0dc5123
(9 rows)
snap run nextcloud.occ group:info admin
- groupID: admin
- displayName: admin
- backends:
- Database
- LDAP
This one please:
snap run nextcloud.occ user:info trevor
snap run nextcloud.occ user:info trevor
- user_id: trevor
- display_name: trevor
- email: trevor@tprinn.syncloud.it
- cloud_id: trevor@http://localhost
- enabled: true
- groups:
- quota: none
- storage:
- free: 914476216320
- used: 33526024003
- total: 948002240323
- relative: 3.54
- quota: -3
- last_seen: 2024-07-09T21:28:09+00:00
- user_directory: /opt/disk/external/nextcloud/trevor
- backend: LDAP
Iād already tried to add myself to the admin group
snap run nextcloud.occ group:adduser admin trevor
Doesnāt seem to do anything
How about
snap run nextcloud.occ group:removeuser admin trevor
snap run nextcloud.occ group:adduser admin trevor
Logout/login
Made no difference 
Iāve made sarah an admin from the cli and logged in on her account. That worked, but making me an admin from her account in the UI still doesnāt work. I add the admin group to my account but it disappears when I refresh or login as myself.
Iāve added the contacts and calendar apps using her account and imported the backups I made yesterday to my account and that has worked. I can probably make a separate admin account and just leave the mystery of why I canāt make myself an admin for the moment.
Gogs is still working fine. It recognises me as admin and also has the local accounts, and repos and orgs all seem to be there.
1 Like
Few more:
snap run nextcloud.occ ldap:check-user trevor
snap run nextcloud.occ ldap:show-config
snap run nextcloud.occ ldap:check-user trevor
Cannot check user existence, because disabled LDAP configurations are present.
snap run nextcloud.occ ldap:show-config
+-------------------------------+--------------------------------------------+
| Configuration | s01 |
+-------------------------------+--------------------------------------------+
| hasMemberOfFilterSupport | 0 |
| homeFolderNamingRule | |
| lastJpegPhotoLookup | 0 |
| ldapAdminGroup | |
| ldapAgentName | cn=admin,dc=syncloud,dc=org |
| ldapAgentPassword | *** |
| ldapAttributeAddress | |
| ldapAttributeBiography | |
| ldapAttributeFediverse | |
| ldapAttributeHeadline | |
| ldapAttributeOrganisation | |
| ldapAttributePhone | |
| ldapAttributeRole | |
| ldapAttributeTwitter | |
| ldapAttributeWebsite | |
| ldapAttributesForGroupSearch | |
| ldapAttributesForUserSearch | |
| ldapBackgroundHost | |
| ldapBackgroundPort | |
| ldapBackupHost | |
| ldapBackupPort | 389 |
| ldapBase | dc=syncloud,dc=org |
| ldapBaseGroups | ou=groups,dc=syncloud,dc=org |
| ldapBaseUsers | ou=users,dc=syncloud,dc=org |
| ldapCacheTTL | 600 |
| ldapConfigurationActive | 1 |
| ldapConnectionTimeout | 15 |
| ldapDefaultPPolicyDN | |
| ldapDynamicGroupMemberURL | |
| ldapEmailAttribute | mail |
| ldapExperiencedAdmin | 0 |
| ldapExpertUUIDGroupAttr | |
| ldapExpertUUIDUserAttr | |
| ldapExpertUsernameAttr | cn |
| ldapExtStorageHomeAttribute | |
| ldapGidNumber | gidNumber |
| ldapGroupDisplayName | cn |
| ldapGroupFilter | (&(|(objectclass=posixGroup))) |
| ldapGroupFilterGroups | |
| ldapGroupFilterMode | 0 |
| ldapGroupFilterObjectclass | posixGroup |
| ldapGroupMemberAssocAttr | memberUid |
| ldapHost | ldap://localhost |
| ldapIgnoreNamingRules | |
| ldapLoginFilter | (&(|(objectclass=inetOrgPerson))(cn=%uid)) |
| ldapLoginFilterAttributes | |
| ldapLoginFilterEmail | 0 |
| ldapLoginFilterMode | 0 |
| ldapLoginFilterUsername | 1 |
| ldapMatchingRuleInChainState | unknown |
| ldapNestedGroups | 0 |
| ldapOverrideMainServer | |
| ldapPagingSize | 500 |
| ldapPort | 389 |
| ldapQuotaAttribute | |
| ldapQuotaDefault | |
| ldapTLS | 0 |
| ldapUserAvatarRule | default |
| ldapUserDisplayName | cn |
| ldapUserDisplayName2 | |
| ldapUserFilter | (|(objectclass=inetOrgPerson)) |
| ldapUserFilterGroups | |
| ldapUserFilterMode | 0 |
| ldapUserFilterObjectclass | inetOrgPerson |
| ldapUuidGroupAttribute | auto |
| ldapUuidUserAttribute | auto |
| markRemnantsAsDisabled | 0 |
| turnOffCertCheck | 1 |
| turnOnPasswordChange | 0 |
| useMemberOfToDetectMembership | 1 |
+-------------------------------+--------------------------------------------+
+-------------------------------+-------------+
| Configuration | s02 |
+-------------------------------+-------------+
| hasMemberOfFilterSupport | 0 |
| homeFolderNamingRule | |
| lastJpegPhotoLookup | 0 |
| ldapAdminGroup | |
| ldapAgentName | |
| ldapAgentPassword | *** |
| ldapAttributeAddress | |
| ldapAttributeBiography | |
| ldapAttributeFediverse | |
| ldapAttributeHeadline | |
| ldapAttributeOrganisation | |
| ldapAttributePhone | |
| ldapAttributeRole | |
| ldapAttributeTwitter | |
| ldapAttributeWebsite | |
| ldapAttributesForGroupSearch | |
| ldapAttributesForUserSearch | |
| ldapBackgroundHost | |
| ldapBackgroundPort | |
| ldapBackupHost | |
| ldapBackupPort | |
| ldapBase | |
| ldapBaseGroups | |
| ldapBaseUsers | |
| ldapCacheTTL | 600 |
| ldapConfigurationActive | |
| ldapConnectionTimeout | 15 |
| ldapDefaultPPolicyDN | |
| ldapDynamicGroupMemberURL | |
| ldapEmailAttribute | |
| ldapExperiencedAdmin | 0 |
| ldapExpertUUIDGroupAttr | |
| ldapExpertUUIDUserAttr | |
| ldapExpertUsernameAttr | |
| ldapExtStorageHomeAttribute | |
| ldapGidNumber | gidNumber |
| ldapGroupDisplayName | cn |
| ldapGroupFilter | |
| ldapGroupFilterGroups | |
| ldapGroupFilterMode | 0 |
| ldapGroupFilterObjectclass | |
| ldapGroupMemberAssocAttr | |
| ldapHost | |
| ldapIgnoreNamingRules | |
| ldapLoginFilter | |
| ldapLoginFilterAttributes | |
| ldapLoginFilterEmail | 0 |
| ldapLoginFilterMode | 0 |
| ldapLoginFilterUsername | 1 |
| ldapMatchingRuleInChainState | unknown |
| ldapNestedGroups | 0 |
| ldapOverrideMainServer | |
| ldapPagingSize | 500 |
| ldapPort | |
| ldapQuotaAttribute | |
| ldapQuotaDefault | |
| ldapTLS | 0 |
| ldapUserAvatarRule | default |
| ldapUserDisplayName | displayName |
| ldapUserDisplayName2 | |
| ldapUserFilter | |
| ldapUserFilterGroups | |
| ldapUserFilterMode | 0 |
| ldapUserFilterObjectclass | |
| ldapUuidGroupAttribute | auto |
| ldapUuidUserAttribute | auto |
| markRemnantsAsDisabled | 0 |
| turnOffCertCheck | 0 |
| turnOnPasswordChange | 0 |
| useMemberOfToDetectMembership | 1 |
+-------------------------------+-------------+
Just found another problem. Iāve been accessing the server from within my network. I hadnāt realised that itās not accessible from the internet. The router setup is the same as before, forwarding ports 80 and 443 to the server.
Is there any error on save?
Also can you create a separate thread per problem please?
It would be good to try to find the problem with admin, can you remove the s02 (it was suggested in past by nextcloud to create this empty one but not needed anymore) config and try again?
snap run nextcloud.occ ldap:delete-config s02
Then
snap run nextcloud.occ ldap:check-user trevor
Sorry. Actually, I just fixed that problem. For some reason, I had to add IPV6 firewall rules to the router.
snap run nextcloud.occ ldap:delete-config s02
Deleted configuration with configID 's02'
snap run nextcloud.occ ldap:check-user trevor
The user is still available on LDAP.
Thatās gone a long way to fixing it! The trevor account is now an admin. The only problem I can see is that the only User listed on the nextcloud users page is me, and under admins I can see me and sarah. The other users and the groups arenāt visible in that list
All the users and groups, apart from trevor and the syncloud group, seem to have disappeared from the users app (or I no longer have access to them).