mail is a CASE IGNORE string. I,E, Case changes do not make the strings different.
-- O'Reilly Active Directory Fifth Edition - http://link.joeware.org/AD5E Blog: http://blog.joeware.net
On Mon, Oct 10, 2016 at 6:03 PM, Patrick Zacharias LittleFighter19@web.de wrote:
When trying to add new value towards the mail attribute, which is essentially the same address just with different cases, it is prevented.
I created an user like this:
dn: uid=patrick,ou=people,dc=example,dc=org objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount uid: patrick sn: User givenName: patrick cn: patrick displayName: Patrick uidNumber: 10001 gidNumber: 5000 userPassword: {SHA}[NOPE] gecos: Patrick loginShell: /bin/bash homeDirectory: /home/patrick mail: example@googlemail.com
Then I wanted to add another mail with different casing, because according to RFC 5321 those two could be different email addresses:
dn: uid=patrick,ou=people,dc=example,dc=org changetype: modify add: mail mail: Example@googlemail.com
However this fails with
ldap_modify: Type or value exists (20) additional info: modify/add: mail: value #0 already exists
While doing the same with
dn: uid=patrick,ou=people,dc=example,dc=org changetype: modify add: mail mail: Example123@googlemail.com
It works fine. Any idea how to solve this?
Well, that's the problem. The server software I use (more specific gerrit) uses the string in the database and performs a case sentitive compare
in order to authenticate the user when committing changes (you can only commit changes which include your email account).
Because "example@googlemail.com" is not "Example@googlemail.com" it fails.
You can add multiple email accounts. But this does not work as ldap stops you, because in it's opinion it already exists. LDAP understands then "Example" == "example" and won't let you create it.
The gerrit devs (if I recall correctly) argued that this behavior is intentional as due to the standard, mails can be case sensitive and get to different recipients.
Now I'd like to know if it possible to modify the scheme that way so that mail works case sensitive (because that's also what the standard says).
Or if there is a way to force the creation of entries with the "same" value
Thanks in advantage.
Patrick Zacharias LittleFighter19@web.de schrieb am 17.11.2016 um 23:27 in
Nachricht 1cf95a21-01f6-6fa6-4a2a-31d1ad01c5a3@web.de:
Well, that's the problem. The server software I use (more specific gerrit) uses the string in the database and performs a case sentitive compare
in order to authenticate the user when committing changes (you can only commit changes which include your email account).
Because "example@googlemail.com" is not "Example@googlemail.com" it fails.
You can add multiple email accounts. But this does not work as ldap stops you, because in it's opinion it already exists. LDAP understands then "Example" == "example" and won't let you create it.
The gerrit devs (if I recall correctly) argued that this behavior is intentional as due to the standard, mails can be case sensitive and get to different recipients.
RFC 2822 does say nothing about cases in the message, but RFC 2821 says: "Verbs and argument values (e.g., "TO:" or "to:" in the RCPT command and extension name keywords) are not case sensitive, with the sole exception in this specification of a mailbox local-part (SMTP Extensions may explicitly specify case-sensitive elements)."
Now I'd like to know if it possible to modify the scheme that way so that mail works case sensitive (because that's also what the standard says).
So for SMTP at least cases should be taken care of (while almost all implementations don't make a difference in cases). I guess case insensitivity came from X.400 and hosts that didn't know about lower case anyway ;-)
Or if there is a way to force the creation of entries with the "same" value
Thanks in advantage.
openldap-technical@openldap.org