diff --git a/docs/admin/configuration/authentication-and-user-management/keycloak-user.md b/docs/admin/configuration/authentication-and-user-management/keycloak-user.md new file mode 100644 index 00000000..4df20bc3 --- /dev/null +++ b/docs/admin/configuration/authentication-and-user-management/keycloak-user.md @@ -0,0 +1,90 @@ +--- +sidebar_position: 4 +id: keycloak-user +title: adding user with keycloak +description: Adding user with Keycloak +draft: true +--- + +# Creating New Users in Keycloak for OpenCloud + +This guide explains how to create new users in Keycloak for OpenCloud, including guest users without personal spaces. While OpenCloud currently does not have a built-in "invite external user" feature, this functionality can be replicated using Keycloak. + +## Background + +One of the most frequently requested features by administrators has been support for guest or external users. Previously, this was discussed as adding external users during the sharing process. These users were provisioned on the fly and received an invite link. + +Although OpenCloud does not natively support this method, similar functionality can be achieved using Keycloak for user management. + +## Step 1: Assign Admin Permissions in Keycloak + +To manage users and groups for OpenCloud, you need a user with administrative privileges in the Keycloak realm. + +1. Log in to Keycloak as an admin. +2. Navigate to the OpenCloud realm: + [https://keycloak.keycloak-daily.opencloud.rocks/admin/openCloud/console/#/openCloud](https://keycloak.keycloak-daily.opencloud.rocks/admin/openCloud/console/#/openCloud) +3. Assign appropriate roles (such as `realm-admin`) to the user you want to promote. + +> Example: A user named `dennis` is assigned as a Realm Admin. + +Once assigned, the user can log in as a Realm Administrator and access user and group management. + +## Step 2: Add New Users or Groups + +With admin permissions, you can now create users and groups: + +- Navigate to the Users section in the Keycloak Admin Console. +- Click Add User. +- Fill in the required user details (e.g., username, email). +- Optionally assign the user to one or more groups. +- Assign roles to define their access level. + +### Recommended Role: `OpenCloudGuest` + +Assigning the `OpenCloudGuest` role ensures that the user does not receive a personal space in OpenCloud. This setup is ideal for guest or lightweight accounts. + +## Step 3: Configure User Settings + +Once the user is created, you can define mandatory actions: + +- Set an initial password. +- Require the user to update their profile on first login. +- Require email verification. + +These actions can be set under the User Settings > Required Actions section. + +## First Login Experience for Guest Users + +When a guest user logs in for the first time, they will: + +1. Be prompted to change their password. +2. Update their profile (name, email, etc.). +3. Verify their email address. + +After successful login, they will not receive a personal space — fulfilling the guest user requirement. + +## Optional: Enable Self Registration + +You can allow users to register themselves without manual creation. + +To enable self-registration: + +1. Go to the Login settings in the OpenCloud realm. +2. Enable the User Registration option. + +### Self Registration Flow + +- Users see a Register option on the login screen. +- They complete the registration form. +- After submission, they receive a verification email. +- Once verified, they can log in with their credentials. + +## Summary + +By leveraging Keycloak: + +- You can create and manage guest users for OpenCloud. +- Guest users can log in without receiving a personal space. +- You can streamline the process with self-registration. + +This setup provides a flexible and scalable way to manage external and lightweight users in OpenCloud through Keycloak. diff --git a/docs/user/common-issues.md b/docs/user/common-issues.md new file mode 100644 index 00000000..0a6ae2a4 --- /dev/null +++ b/docs/user/common-issues.md @@ -0,0 +1,41 @@ +--- +sidebar_position: 10 +id: common-issues +title: Common Issues & Help +description: Common issues & help +draft: false +--- + +# Common Issues & Help + +## Symlinks are not synchronized with the Desktop Client + +### Problem + +Symbolic links (symlinks) are not synchronized by the OpenCloud Desktop Client. Users often wonder why linked folders or files are missing or not accessible. + +### Reasoning + +Symlinks are deliberately excluded from synchronization for several important reasons: + +- Not portable: Symlinks often point to paths that only exist on the original machine. On another device, the target path likely doesn't exist. +- Not usable in the web interface: The web interface cannot interpret or display symlinks. +- Problematic on Windows: Symlink support on Windows is limited and inconsistent. +- Risk of circular references: Symlinks could point to each other in loops, causing infinite synchronization cycles. +- Loss of identity: If the client were to follow the link and synchronize the target, it would become a regular copy of the data. The original nature of the symlink would be lost. + +### Solution + +Sync Folders Outside the Sync Root Using Symlinks + +If you want to synchronize a folder that is located outside your sync root, you can still achieve this by moving the folder into your sync root and replacing the original location with a symlink. + +#### Example + +You want to synchronize the folder `/foo/A`, but your sync root is `/home/bar/OpenCloud/Personal`. + +1. Move the folder into your sync root: + + ```bash + mv /foo/A /home/bar/OpenCloud/Personal/foo/A + ```