Infinite Scale | News from ownCloud

Sprint Review: Hybrid User Attributes

In recent weeks, ownCloud developers presented a bunch of helpful new features in user/group and identity management. It is now possible to override ID settings by the local ownCloud server, and a logout will end all of the user's sessions in the backend. Apart from that, there's a new side panel for user settings, and much more.
ownCloud secure cloud solution for filesharing

“Hybrid” Settings in User Management

ownCloud customers that integrate their own user management into ownCloud with a backend like LDAP or Open ID can now use only certain fields from the central identity management, fields that are ownCloud-specific can be managed in the ownCloud user management. Admins can define fields that are not changeable through the admin frontend (i.e. the information in these fields will always come from the backend.)

Even though an LDAP/OID provider may provide all necessary information for ownCloud user management, some fields may be “overridden” by local settings; others are necessary, but may not exist in the external authentication backend – like the ownCloud user’s or group’s quota or settings that are individual for Spaces. Check the administration documentation for further details on Open ID Connect (OIDC), the connector used by ownCloud.

Screenshot 2023 05 23 at 11.05.53

Figure 1: Administrators can now permit local user management settings to override the configuration retrieved from the identity provider.

In ownCloud, a tiny “lock” symbol in the panel on the right indicates fields whose content cannot be changed by the local administrator, since they are acquired from the authentication backend (e.g. LDAP or OIDC). Figure 1 shows this for user management.

Batch Mode

Apart from that, the developers added many other features, including extended batch mode in ownCloud’s user and group administration (Figure 2) and  an “Edit Login” button on top that allows easy access to the new features – like removing permission to log in from a user’s account. Especially when combining the new filter interface with batch mode and the new per-user-settings, administrators may save a lot of time in daily work.

Batch edit Dialog

Figure 2: Administrators of ownCloud can now edit many user settings through batch mode – they can set the quota for several users in one go.

Those new filter options make it easier to find users and edit several accounts at the same time. Figure 2 shows the suggestions an administrator is given after he has used filters to find two particular users because he wants to deactivate their accounts. Thanks to batch mode, he can do that with a few mouse clicks.

New side panel for group members

Answering a wish often voiced by customers and users, ownCloud developers added a new side panel that shows all members of a group (Figure 3). Administrators can now more easily access a list of group members and batch edit it.

Group edit members

Figure 3: On the right, there now is a handy group tab that shows all members of a selected group.

Backchannel logout

Administrators using Identity providers like Open ID Connect will know a logout on the client has to be followed by a logout of the user account on all connected servers and services. Because Open ID servers are accomplishing this transparently in the backend, the technical term is “OpenID backchannel logout“. ownCloud developers integrated that in ownCloud; Figure 4 shows how it works.

ownCloud backchannel logout draft

Figure 4: As a part of oidc, the OiD server logs users out of all services in the backend when the client requests a logout and then reports successful logouts to the client app.

Administrators can configure Backchannel logout in ownCloud with the GUI of Keycloak (Figure 5)

image 2023 5 22 15 13 56

Figure 5: With ownCloud, back channel logout can be configured in Keycloak

A logout on a client like ownCloud that is connected through Single-Sign-On (SSO) will now also log the user out of all other sessions that the client is connected to.

Markus Feilner

May 23, 2023

Ready to see what’s next?

Having trouble viewing or submitting this form?

Contact Us

We care about protecting your data. Here’s our Privacy Policy.

Read now:

ownCloud Infinite Scale 4.0 is released!

ownCloud Infinite Scale 4.0 is released!

ownCloud has launched Infinite Scale 4.0, the latest significant update to its secure content collaboration platform. This release introduces a range of new features and functionalities, including enhanced capabilities for importing data from third-party clouds, simplifying data upload, refining search functions with the use of tags and filters, and further enhancing user-friendly linking and navigation.

read more
Go for Enterprise: ownCloud Infinite Scale

Go for Enterprise: ownCloud Infinite Scale

Tim Schürmann, a seasoned IT journalist from Germany, specializes in open source and programming languages. Over the last several years, he has authored many articles on Go, including several related to ownCloud. We sought his expert insights on Go in the context of ownCloud Infinite Scale. Here is his op-ed.

read more