mail
mail copied to clipboard
nextcloud
Searching for (LDAP)-Nextcloud-Accounts doesn't work
Hello,
I configured the mail app in config.php so that every user gets his email account already integrated (LDAP server for mail and cloud). Every Nextcloud user is also registered with his email address via LDAP at Nextcloud.
I would expect that when I start typing in the address field, the mail app will suggest different Nextcloud users who match the letter combination. But unfortunately nothing happens. Only locally created groups are suggested to me.
Nextcloud: 14.0.3 Mail-App: 0.11.0 Server: Ubuntu 18.04 Nginx
I've got this in the log:
ini_restore() has been disabled for security reasons at /var/www/nextcloud/apps/mail/vendor/pear-pear.horde.org/Horde_Util/Horde/String.php#153
Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.
IIRC we don't enumerate users from the instance, but just contacts from you address book and the ones you've sent messages before.
@ChristophWurst From the linked bug reports I conclude that some users don't want addresses to be used by the whole instance in autocompletion, but others want exactly that.
Would be great to be able to use this optionally (as opt-in) -> checkbox "Read contacts from user database".
@ChristophWurst From the linked bug reports I conclude that some users don't want addresses to be used by the whole instance in autocompletion, but others want exactly that.
Would be great to be able to use this optionally (as opt-in) -> checkbox "Read contacts from user database".
IMO there should be a global option in the Nextcloud admin settings about this as it effects not just this app but is a global privacy setting.
Pardon me the question but:
Is there any progress regarding this? Current behaviour (Nextcloud 23.0.0, Mail 1.11.6):
- Mail doesn't autocomplete (LDAP) users
- Mail does however autocomplete (LDAP) groups
- Global user search (next to your profile icon in the right corner)
- does find (LDAP) users
- can view selected (LDAP) user's profile with a click on the "person icon"
- cannot jump to writing a new message in Mail - "mail icon" is mailto link (not specific to LDAP users)
I think we can conclude that the Nextcloud-wise user search behaviour makes it:
- security-wise not any more secure than if the Mail would also autocomplete the users
- significantly less comfortable if you want to mail a user (you can, but you have to re-type the global search result, or register the Mail app as the default mail app (if possible))
BTW: I agree with you @ChristophWurst , there should be Nextcloud global settings regarding this issue. I am grateful for most of the progress in Nextcloud*, but this is strictly a base feature that should've been covered before many of the nice-to-have we already have.
*unless that progress is Talk: why oh why, yet another protocol/platform instead of matrix. Dev hours spent to make our community even more fragmented and incompatible, instead of a would-be-inspiring partnership, thanks... Sorry for the offtopic :sweat_smile:...
Bumping since it's been six months. What's the status on this? We're confirming @Samonitari's described behaviour here, with latest Nextcloud version.
If you guys need help implementing autocomplete of LDAP users, please let me know.
What's the status on this? I'm confirming @Samonitari's described behaviour here, with latest Nextcloud version. (Nextcloud 25.0.2 , mail 2.2.2)
I'm circling back to see also if there is a status with this. I love the integration of the Mail app but it is not usable for an LDAP environment compared with apps that will automatically search through the LDAP directory to autosuggest/autocomplete users. I'm continuing to use SnappyMail as a result but would consider the switch with this given enhancement.
@ChristophWurst I've followed the various threads linked to this. Am I correct in understanding that this is a specific security decision that only applies to the Mail app? I'm just making sure that there is a known reason this autocomplete doesn't occur natively. If that is the case then some toggle control would be preferred in my case for sure. I don't understand then why groups would be allowed as options while the users are not. Thank you for continuing to help me understand what is actually happening here in the process. I'm learning more as I go.
The new system address book introduced in Hub5 (27) contains LDAP users. If the settings for access to the system address book are properly set, it is now possible to autocomplete LDAP users.
I updated my test server to the full release 27 this morning and see that all of my domain users are showing up in contacts. My dovecot server allows for me to show or hide users from the Global list. Nextcloud is just publishing all of them. I would prefer to hide system accounts and test users but I'm not sure how to do that now. Also, this still doesn't allow me to lookup any of these users in the Mail app TO field. I have to type out the whole username side of the address before they will recognize the name. And then if I start a new message that same person still doesn't show up until I type the username out. There is no search appearing with the first or last names. Am I missing settings then that are prohibiting? Like before I CAN lookup groups/mailing lists from the email server, just not individuals. Yet the individuals are being looked up in the other apps as before.
I have to type out the whole username side of the address before they will recognize the name.
https://docs.nextcloud.com/server/latest/admin_manual/groupware/contacts.html#system-address-book. Sounds like sharing restrictions are active to only allow autocompletion for full matches. Do you find the same user when sharing a file in Files and use a partial name?
@BiglifeMatt I see the issue here now. Just checked the files sharing and the autocompletion is triggered there earlier. Will have another look into it to find where the restriction is made.
To hide the system address book contacts in the contacts app there will be an possibility soon: https://github.com/nextcloud/contacts/issues/479
@ChristophWurst In File sharing, Deck sharing/assigning, Calendar event participant, and Talk lookups, all I have to do is type one letter and it starts filtering all of my users. This has been the same way since at least NC24 that I can recall. My experiences still mirror what @Samonitari stated in this thread.
Was there a regression about that ? I can no more search the LDAP system address book when composing an email. Same users are present when sharing a file. Nextcloud 27.1.3 / Mail App 3.5.5.
