I noticed a problem with user name clashes when using RT::LDAPImport. Say we have two users in LDAP with uid=ab and uid=abc. LDAP Import is set to update existing users.
LDAP import first finds the LDAP entry for uid=abc and finds the corresponding existing user “abc” in the RT database:
User abc already exists as 1234, updating their data.
It updates fields accordingly.
It then finds the LDAP entry for uid=ab and claims to have found the corresponding user:
User ab already exists as 1234, updating their data.
Note that the returned user number is the same in both cases. Consequently, LDAP import now overwrites user data of user ‘abc’ with data from ‘ab’.
The key problem seems to be in line 944 of LDAPImport.pm:
$user_obj->Load( $user->{Name} );
obviously returns users on partial matches, which I believe is not correct.
We are using RT 5.0.9, we currently can’t upgrade to 6.0.2 yet so I can’t test there.
Any ideas how to solve this?
Thank you!