Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ability to rename EntraID GUID-based NextCloud user groups #1017

Open
gork-us opened this issue Dec 31, 2024 · 0 comments
Open

Ability to rename EntraID GUID-based NextCloud user groups #1017

gork-us opened this issue Dec 31, 2024 · 0 comments
Labels
0. Needs triage enhancement New feature or request

Comments

@gork-us
Copy link

gork-us commented Dec 31, 2024

How to use GitHub

  • Please use the 👍 reaction to show that you are interested into the same feature.
  • Please don't comment if you have no relevant information to add. It's just extra noise for everyone subscribed to this issue.
  • Subscribe to receive notifications on status change and new comments.

Feature request

Friendly name overlay for GUID-based EntraID to User_OIDC groups mapping.

Which Nextcloud Version are you currently using: (see administration page)
Hub 9 30.0.4

Is your feature request related to a problem? Please describe.
EntraID -> OpenID connect user backend groups mapping is in GUID, cannot rename groups in the Admin GUI.
When we rename the imported groups in NextCloud upon subsequent user login the groups are renamed to their GUID.
We've tried different context, etc. but even with SAM account names, GUID is the default.

Describe the solution you'd like
We'd like a way to maintain the back-end GUID mapping EntraID to User_OIDC by apply a friendly name for use in NextCloud.
it would be best if the group could be renamed as with any other group, but maintain the provisioning with EntraID.

Describe alternatives you've considered
We've tried other OID software but so far this works the best to provision users and groups via EntraID SSO integration.

Additional context
Using friendly names - Folder01 & Folder01-Admin - are easier and less error-prone than using GUID for Administrators.
As users can see what groups they are a member of in their personal settings/profile page they can more easily see what groups they are/are not in using a friendly group name.
Folders have owners, they don't know what a GUID represents, they are used to "friendly" folder names (as with file servers, DropBox, teams, etc.).

We create specific EntraID groups that are specific for nextcloud users.
We map users to these groups in EntraID
The groups are propagated to NextCloud via the User-OIDC integration.
The group names appear in the NextCloud GUI as GUID.
We match GUID to a friendly name, temporarily rename the new group.
We assign that group to a shared groups folder with the correct permissions.
This way we can manage user provisioning in EntraID, have that flow through to NextCloud for user, group and user file group matching.

If this is possible in User-OIDC today please let us know!
@gork-us gork-us added 0. Needs triage enhancement New feature or request labels Dec 31, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
0. Needs triage enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@gork-us