Unrelated admin group is created instead of adding user to the nextcloud administrators group #911

Open
joaolongo opened this issue Jul 31, 2024 · 3 comments
Labels
bug Something isn't working documentation Improvements or additions to documentation priority: normal

Comments

joaolongo commented Jul 31, 2024

I am currently using Authentik with the OIDC provider backend. I already tried to pass groups as the simple array:

["admin"]

and using the object:

[{"gid": "admin", "displayName": "admin"}]

The payload that is sent is:


{
    "name": "some user name",
    "groups": [
        {
            "displayName": "admin",
            "gid": "admin"
        }
    ],
    "quota": "200 GB",
    "user_id": "some user id"
}

My OIDC is configured as follows:

[Two images of the OIDC configuration; not preserved]

@sthyregod

I've got the same issue.

Looking at the other OIDC project, it seems like they have an is_admin attribute. Maybe it'll be worth looking into how that works and implementing similar functionality? The current method seems kinda hacky.


sthyregod commented Aug 3, 2024

I've found the fix that worked for me. By default, the "Use unique user ID" option is enabled. This hashes the user IDs and group IDs with the provider name. Disabling that was everything I had to do to make it work.

I can see you also have that enabled so I suggest you disable it and see if it works.

For the maintainers, maybe this info can be written in the Readme and/or in the checkbox description unless you'll look at the implementation I mentioned in my previous comment? I'm sure it'll shave some debugging hours off of future admins' installation process.

@joaolongo
Author

> I've found the fix that worked for me. By default, the "Use unique user ID" option is enabled. This hashes the user IDs and group IDs with the provider name. Disabling that was everything I had to do to make it work.
>
> I can see you also have that enabled so I suggest you disable it and see if it works.
>
> For the maintainers, maybe this info can be written in the Readme and/or in the checkbox description unless you'll look at the implementation I mentioned in my previous comment? I'm sure it'll shave some debugging hours off of future admins' installation process.

Cool! This fixed the issue for me, thanks! But if a user needs more than one provider this might be an issue.
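
Added example, not part of the thread and not the project's code: a small model of the behaviour described above, showing why a hashed group ID never matches Nextcloud's built-in `admin` group and what changes for multiple providers once the option is disabled. The hash construction in `local_gid`, the provider names and all function names are assumptions made for illustration.

```python
import hashlib

LOCAL_ADMIN_GID = "admin"  # gid of Nextcloud's built-in administrators group

# Payload from the issue, plus the plain-array variant the reporter also tried.
TOKEN_OBJECTS = {"name": "some user name", "user_id": "some user id", "quota": "200 GB",
                 "groups": [{"gid": "admin", "displayName": "admin"}]}
TOKEN_STRINGS = {"user_id": "some user id", "groups": ["admin"]}


def claim_gids(token):
    """Return group ids from either claim shape: ["admin"] or [{"gid": "admin", ...}]."""
    gids = []
    for entry in token.get("groups", []):
        if isinstance(entry, str):
            gids.append(entry)
        elif isinstance(entry, dict) and "gid" in entry:
            gids.append(str(entry["gid"]))
    return gids


def local_gid(provider, gid, unique_ids):
    """Assumed model of the option: hash provider name and id together when enabled."""
    if not unique_ids:
        return gid
    return hashlib.sha256(f"{provider}:{gid}".encode()).hexdigest()


def mapped_groups(provider, token, unique_ids):
    """Local group ids a login through this provider would be assigned to."""
    return [local_gid(provider, g, unique_ids) for g in claim_gids(token)]


def admin_capable_providers(providers, token):
    """Providers whose 'admin' claim lands in the built-in administrators group."""
    return sorted(name for name, unique_ids in providers.items()
                  if LOCAL_ADMIN_GID in mapped_groups(name, token, unique_ids))


if __name__ == "__main__":
    # Constructed provider names; "second-idp" is hypothetical.
    providers = {"authentik": False, "second-idp": False}
    print(mapped_groups("authentik", TOKEN_OBJECTS, True))   # hashed id, i.e. a new group
    print(mapped_groups("authentik", TOKEN_OBJECTS, False))  # ['admin']
    print(admin_capable_providers(providers, TOKEN_OBJECTS))
```

With the option disabled, every configured provider that can emit the group ID `admin` maps its users into the local administrators group, so control over that claim at each identity provider becomes part of the Nextcloud admin trust boundary.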

@edward-ly edward-ly added the bug Something isn't working label Sep 17, 2024
@edward-ly edward-ly added priority: normal documentation Improvements or additions to documentation labels Oct 2, 2024