Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

LDAP: can not find user when name and surname are empty on AD-user-object #12582

Closed
victorbw opened this issue Nov 22, 2018 · 9 comments
Closed

Comments

@victorbw
Copy link

Sometimes it happens or is mandatory that some LDAP users (Microsoft Server 2016 in this case), like admins or other technical accounts, do NOT have any name or surname in the object listed.

grafik

Nextcloud version (eg, 12.0.2): 14.0.3
Operating system and version (eg, Ubuntu 17.04): ubuntu 16.04LTS
Apache or nginx version (eg, Apache 2.4.25): apache 2.4.18
PHP version (eg, 7.1): 7.0

The issue you are facing: nc-ldap is not showing any user who has empty name & surname fields.

Is this the first time you’ve seen this error? (Y/N): Y

Steps to replicate it:

create AD-User
remove users name/surname
rescan AD
users without name/surname wont be listed at all and therefore cannot log in

So the questions are:

Is this a behaviour by design or simply got forgotten to cover? Haven't found any information about this so far.
Anyone else seen the same issue?
Is there a workaround for this, except for filling name and surname into AD-Object?

thanks in advance! 😉

@nextcloud-bot
Copy link
Member

GitMate.io thinks possibly related issues are #7510 (User is not found when is searched by name and one of surnames), #5577 (Cannot delete User which is deleted in LDAP), #6719 (Changing LDAP user Full Name), #12229 (LDAP Searches in Sharing Returning Duplicates and Disabled User Objects), and #8760 (User is not found when is searched by name and one of surnames #7510).

@blizzz
Copy link
Member

blizzz commented Nov 29, 2018

The issue you are facing: nc-ldap is not showing any user who has empty name & surname fields.

To be precise, it does not import any user with a missing displayname attribute (as configured).

So, yes, this is by design, to (reliably…) avoid pulling in various system accounts.

@ChristophWurst
Copy link
Member

Sooo … wontfix?

@blizzz
Copy link
Member

blizzz commented Nov 29, 2018

Yeah, essentially, yes.

@blizzz blizzz closed this as completed Nov 29, 2018
@victorbw
Copy link
Author

Maybe this should be mentioned in the documentation as a side-note - just in case?

@blizzz
Copy link
Member

blizzz commented Nov 30, 2018

@victorbw i thought it was, but apparently it is not, indeed. Would you like to try to bring it in? → https://github.com/nextcloud/documentation/blob/master/admin_manual/configuration_user/user_auth_ldap.rst

@victorbw
Copy link
Author

victorbw commented Dec 5, 2018

@victorbw i thought it was, but apparently it is not, indeed. Would you like to try to bring it in? → https://github.com/nextcloud/documentation/blob/master/admin_manual/configuration_user/user_auth_ldap.rst

If there's no stress to be done within a few days, sure, why not :)

Hope I'll do it right - just planting a new pull-request should do it, right?

@ChristophWurst
Copy link
Member

Hope I'll do it right - just planting a new pull-request should do it, right?

Yes! Thank you!

@victorbw
Copy link
Author

victorbw commented Dec 5, 2018

moved to #1010

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

4 participants