Closed
Description
Is there an existing issue for this?
- I have searched the existing issues
Environment
- OS: Debian 13 (Trixie)
- PHP: 8.4
- LDAP Server: OpenLDAP 2.6.10
PLA Code
Github release download
PLA Version
2.3.0
Current Behavior
When creating a new user, I use `account` as the structural objectClass and `posixAccount` as the auxiliary. However, this fails in PLA because it is attempting to use `userid` from the `account` objectClass AND `uid` from the `posixAccount` objectClass, which both point to the same attribute under the hood.
I can replicate this behavior with the following .ldif:
```
$ sudo ldapadd -Y EXTERNAL -H ldapi:/// <<EOF
dn: uid=test,ou=People,dc=example,dc=com
objectClass: account
objectClass: posixAccount
objectClass: top
uid: test
userid: test
cn: test
loginShell: /bin/bash
uidNumber: 1001
gidNumber: 1001
homeDirectory: /home/test
userPassword: yoursecretsissafewithme
EOF
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "uid=test,ou=People,dc=example,dc=com"
ldap_add: Type or value exists (20)
additional info: attribute 'uid' provided more than once
```
Expected Behavior
PLA should be able to recognize that 'uid' and 'userid' are synonyms and only ask for it once in the UI and only submit a single 'uid' to the LDAP server.
Steps To Reproduce
- Click "create new entry".
- Select "account" as the structural objectClass.
- Click "Add objectClass" and select "posixAccount".
- Fill in all fields with valid values.
- Click "Next".
Relevant log output
The GUI does not show a very helpful error. Just "Validation Errors" as a popup in the upper-right of the page.
If I replicate what I believe is going on using an .ldif file I can get a more useful error directly from the OpenLDAP server: "attribute 'uid' provided more than once".
Anything else?
No response
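
The alias handling requested in this issue, sketched as an added example (not part of the original report and not phpLDAPadmin's code): it reads the `NAME` lists from schema `attributeTypes` definitions, then folds attributes such as `uid` and `userid` into one before an entry is submitted. The schema lines, the sample entry and all function names are constructed for illustration.

```python
import re

# Constructed sample: attributeTypes values in RFC 4512 syntax, as a server
# publishes them in its subschema entry, trimmed to the fields used here.
SAMPLE_SCHEMA = [
    "( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' ) EQUALITY caseIgnoreMatch )",
    "( 2.5.4.3 NAME ( 'cn' 'commonName' ) SUP name )",
    "( 1.3.6.1.1.1.1.0 NAME 'uidNumber' SINGLE-VALUE )",
]

# Constructed sample entry mirroring the LDIF in the report (subset of attributes).
SAMPLE_ENTRY = {
    "objectClass": ["account", "posixAccount", "top"],
    "uid": ["test"],
    "userid": ["test"],
    "cn": ["test"],
    "uidNumber": ["1001"],
}

# NAME is either a single quoted descriptor or a parenthesised list of them.
NAME_RE = re.compile(r"NAME\s+(?:\(\s*((?:'[^']+'\s*)+)\)|'([^']+)')")

def build_alias_map(attribute_types):
    """Map each lower-cased attribute name to the first NAME of its type."""
    aliases = {}
    for definition in attribute_types:
        m = NAME_RE.search(definition)
        if not m:
            continue  # definition without a NAME: nothing to alias
        names = re.findall(r"'([^']+)'", m.group(1)) if m.group(1) else [m.group(2)]
        for name in names:
            aliases[name.lower()] = names[0]
    return aliases

def duplicated_types(entry, aliases):
    """Return {canonical: [names used]} for types supplied under several names."""
    seen = {}
    for attr in entry:
        seen.setdefault(aliases.get(attr.lower(), attr), []).append(attr)
    return {canon: used for canon, used in seen.items() if len(used) > 1}

def canonicalize_entry(entry, aliases):
    """Merge aliased attributes under one name, dropping byte-identical values.
    Values are compared exactly; schema matching rules are not applied."""
    merged = {}
    for attr, values in entry.items():
        bucket = merged.setdefault(aliases.get(attr.lower(), attr), [])
        bucket.extend(v for v in values if v not in bucket)
    return merged
```

`duplicated_types` is the check a form could run to ask for the value only once; `canonicalize_entry` produces the attribute set that would avoid the "provided more than once" rejection.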