diff --git a/CHANGELOG.md b/CHANGELOG.md index 8711888..40ad04e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,7 @@ - Remove `shb.vaultwarden.ldapEndpoint` option because it was not used in the implementation anyway. - Bump Nextcloud default version from 27 to 28. Add support for version 29. - Deluge config breaks the authFile into an attrset of user to password file. Also deluge has tests now. +- Nextcloud now configures the LDAP app to use the `user_id` from LLDAP as the user ID used in Nextcloud. This makes all source of user - internal, LDAP and SSO - agree on the user ID. ## User Facing Backwards Compatible Changes diff --git a/modules/services/nextcloud-server.nix b/modules/services/nextcloud-server.nix index 251cf4d..8dae3ac 100644 --- a/modules/services/nextcloud-server.nix +++ b/modules/services/nextcloud-server.nix @@ -852,6 +852,11 @@ in '1' ${occ} ldap:set-config "${cID}" 'ldapUserFilterObjectclass' \ 'person' + # Makes the user_id used when creating a user through LDAP which means the ID used in + # Nextcloud is compatible with the one returned by a (possibly added in the future) SSO + # provider. + ${occ} ldap:set-config "${cID}" 'ldapExpertUsernameAttr' \ + 'user_id' ${occ} ldap:test-config -- "${cID}"