Werk #16787: ldap: users should be created without the suffix unless there are conflicts
Component | Setup | ||||||
Title | ldap: users should be created without the suffix unless there are conflicts | ||||||
Date | Jun 5, 2024 | ||||||
Level | Trivial Change | ||||||
Class | Bug Fix | ||||||
Compatibility | Compatible - no manual interaction needed | ||||||
Checkmk versions & editions |
|
Previously, if you had an ldap connection configured with both a "suffix" and "create users only on login" enabled. The username used to login would be used to create a user profile.
E.g.
- testuser1 -> created a userprofile called testuser1
- testuser1@suffix -> created a userprofile called testuser1@suffix
This was incorrect. The suffix should only be used when there are conflicts.
This werk addresses this issue by changing the behaviour to:
- Check if the user (without the suffix) already exists.
- If it's the same user, login with this user. No need to create a new user profile.
- If it's a different user, repeat the process using the username with the suffix.