Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1334619
Description of problem: When admin happens to enter capitalization of user's attributes wrong, it it cumbersome to fix it. Version-Release number of selected component (if applicable): ipa-server-4.2.0-15.el7.x86_64 How reproducible: Deterministic. Steps to Reproduce: 1. kinit admin 2. ipa user-add david --first=david --last=smith 3. echo Oops, the names should have caps. 4. ipa user-mod david --first=David --last=Smith Actual results: ipa: ERROR: Type or value exists: Note that it says "Type or value exists:" with colon at the end like it tried to tell us something more but nothing more is output. Expected results: --------------------- Modified user "david" --------------------- User login: david First name: David Last name: Smith Home directory: /home/david Login shell: /bin/sh Email address: david@example.test UID: 1056000007 GID: 1056000007 Account disabled: False Password: False Member of groups: ipausers Kerberos keys available: False Additional info: It is possible to change the names to something else and then back to David and Smith, but it is not intuitive.
First and last name are defined in LDAP core schema as 'case ignored':
attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' ) SUP name ) attributetype ( 2.5.4.41 NAME 'name' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
It is related to https://fedorahosted.org/389/ticket/48840.
The test case is
ipa user-add --first=foo --last=bar fbar ldapsearch -LLL -D "cn=directory manager" -w ... -b "cn=users,cn=accounts,SUFFIX" uid=fbar givenname sn dn: uid=fbar,cn=users,cn=accounts,SUFFIX givenname: foo sn: bar ipa user-mod fbar --first=Foo ipa: ERROR: Type or value exists: #audit log dn: uid=fbar,cn=users,cn=accounts,SUFFIX result: 20 changetype: modify add: givenName givenName: Foo - delete: givenName givenName: foo
The MOD contains (at least) two modifications. The problem comes from 'givenName' value 'Foo' being added before the value 'foo' being deleted.
This behavior of RHDS is similar to others DS (openldap, dsee). Changing the current behavior of RHDS does not bring any value and is potentially a large change. So likely 48840 will be deferred/not_fix/invalid.
A workaround is to change the order of the modifications that are in the MOD array:
dn: uid=fbar,cn=users,cn=accounts,SUFFIX result: 0 changetype: modify delete: givenName givenName: foo - add: givenName givenName: Foo
Metadata Update from @pvoborni: - Issue assigned to someone - Issue set to the milestone: Future Releases
#7149 was closed as duplicate of this ticket.
Metadata Update from @pvoborni: - Issue close_status updated to: None
I believe issue opened only for this ipa: ERROR: Type or value exists: - Either to provide more output after semicolon. OR - Remove semicolon from end.
Fixed in master (untagged): 4cd26fc
Metadata Update from @rcritten: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
master:
Metadata Update from @frenaud: - Custom field test_case adjusted to test_integration/test_commands.py::TestIPACommand::()::test_user_mod_change_capitalization_issue5879
ipa-4-8:
Login to comment on this ticket.