The LDAP Integration app connects ownCloud Server to LDAP and Active Directory services for user authentication and group management. It synchronizes users and groups from the directory server, supports multiple LDAP connections and provides configurable attribute mapping, enabling organizations to integrate ownCloud seamlessly with their existing identity infrastructure.
This app is a core component of the ownCloud Server (OC10) authentication stack. It provides the primary enterprise authentication mechanism, connecting ownCloud to LDAP servers (such as OpenLDAP) and Microsoft Active Directory.
The ownCloud Server is available on Docker Hub.
Follow the steps below to enable and configure LDAP integration.
The LDAP app is bundled with ownCloud Server. Enable it via:
php occ app:enable user_ldapmake test-php-unit # Run PHP unit tests
make test-php-style # Check code style
make test-php-phpstan # Run PHPStan static analysis
make test-acceptance-api # Run LDAP API acceptance tests
make test-acceptance-cli # Run LDAP CLI acceptance tests
make test-acceptance-webui # Run LDAP WebUI acceptance testsAdd to config.php for medial (substring) search:
'user_ldap.enable_medial_search' => trueConfigure attribute update interval via occ:
occ config:app:set user_ldap updateAttributesInterval --value=3600Star this repo and Watch for release notifications!
We welcome contributions! Please read the Contributing Guidelines and our Code of Conduct before getting started.
- Rebase Early, Rebase Often! We use a rebase workflow. Always rebase on the target branch before submitting a PR.
- Dependabot: Automated dependency updates are managed via Dependabot. Review and merge dependency PRs promptly.
- Signed Commits: All commits must be PGP/GPG signed. See GitHub's signing guide.
- DCO Sign-off: Every commit must carry a
Signed-off-byline:git commit -s -S -m "your commit message" - GitHub Actions Policy: Workflows may only use actions that are (a) owned by
owncloud, (b) created by GitHub (actions/*), or (c) verified in the GitHub Marketplace.
Help translate this project on Transifex: https://explore.transifex.com/owncloud-org/owncloud/
Please submit translations via Transifex -- do not open pull requests for translation changes.
Do not open a public GitHub issue for security vulnerabilities.
Report vulnerabilities at https://security.owncloud.com -- see SECURITY.md.
Bug bounty: YesWeHack ownCloud Program
This project is licensed under the AGPL-3.0.
The Kiteworks Open Source Program Office, operating under the ownCloud brand, launched on May 5, 2026, to steward the open source ecosystem around ownCloud's products. The OSPO ensures transparent governance, license compliance, community health, and sustainable collaboration between the open source community and Kiteworks, which acquired ownCloud in 2023.
- OSPO Home: https://kiteworks.com/opensource
- GitHub: https://github.com/owncloud
- ownCloud: https://owncloud.com
For questions about the OSPO or licensing, contact [email protected].
The OSPO is driving a strategic relicensing of ownCloud repositories toward the Apache License 2.0, following the Apache Software Foundation's third-party license policy.
Individual repositories will migrate as their audit is completed. The LICENSE file in each repo reflects its current license status (not the target).
Current license: AGPL-3.0 (Category X per Apache policy -- cannot be included in Apache-2.0 works).
Migration prerequisites for this repository:
- CLA/DCO coverage: All past contributors must have signed agreements permitting relicensing
- Copyleft dependency audit: All AGPL/GPL dependencies must be replaced or isolated
- KDE heritage review: Any code with KDE-era copyrights requires legal analysis
- Complete relicensing: AGPL-3.0 is a strong copyleft license; migration requires full relicensing of all files, not just a header change