>>> Quanah Gibson-Mount <qua...@symas.com> schrieb am 14.08.2019 um 01:09 in Nachricht <59A1EC7FB57F5649201E5D92@[192.168.1.144]>:
> > ‑‑On Tuesday, August 13, 2019 4:25 PM +0000 JC <lovecraftes...@yahoo.com> > wrote: > >> >> Now it seems to be the case that, with a user entry in OpenLDAP as >> described above, getpwnam("james") will look for an entry such that the >> its uid attribute takes the value "james". I.e. if the value of uid is, >> say, "James" then it will be ignored. Which, following the discussion >> above, doesn't fit my goal. > > The "uid" attribute is explicitly defined to be case insensitive in > RFC1274, see section 9.3.1 "userid". This is reflected in the OpenLDAP > core schema: > > #attributetype ( 0.9.2342.19200300.100.1.1 > # NAME ( 'uid' 'userid' ) > # DESC 'RFC1274: user identifier' > # EQUALITY caseIgnoreMatch > # SUBSTR caseIgnoreSubstringsMatch > # SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) However UNIX is not case-insensitive. We had the case that entering a valid user's name in capital letters (dammed Shift-lock key) caused an authentication failure, and nscd in turn cached that (case-insensitively), so after that even entering the user name in lower case caused a (cached) authentication failure. (I had tried to convince support that this is a bug in nscd, but failed to convince them) So be warned: UNIX is not case-insensitive! Regards, Ulrich > > > Regards, > Quanah > > > ‑‑ > > Quanah Gibson‑Mount > Product Architect > Symas Corporation > Packaged, certified, and supported LDAP solutions powered by OpenLDAP: > <http://www.symas.com>