starred/netbox
1
0
Fork 0
mirror of https://github.com/netbox-community/netbox.git synced 2026-01-11 21:10:29 +01:00
Code Issues 273 Packages Projects Releases 10 Wiki Activity

Error when using two users via netbox.authentication.LDAPBackend that only differ in case #7460

New Issue
Closed
opened 2025-12-29 20:23:40 +01:00 by adam · 5 comments
adam commented 2025-12-29 20:23:40 +01:00
Owner
Copy Link

Originally created by @k3x on GitHub (Jan 5, 2023).

NetBox version

v3.4.2

Python version

3.8

Steps to Reproduce

  1. Create User "abc" in AD
  2. Create USer "ABC" in AD
  3. use these Settings:
REMOTE_AUTH_BACKEND = 'netbox.authentication.LDAPBackend'
REMOTE_AUTH_HEADER = 'HTTP_REMOTE_USER'
REMOTE_AUTH_AUTO_CREATE_USER = True
REMOTE_AUTH_DEFAULT_GROUPS = []
REMOTE_AUTH_DEFAULT_PERMISSIONS = {}
  1. Login as user abc
  2. Logout
  3. Login as User ABC
  4. Error

Expected Behavior

In Django and Netbox it is possible to use two users abc/ABC without problems. So i think netbox.authentication.LDAPBackend should also support it.

Observed Behavior

MicrosoftTeams-image (1)

Originally created by @k3x on GitHub (Jan 5, 2023). ### NetBox version v3.4.2 ### Python version 3.8 ### Steps to Reproduce 1. Create User "abc" in AD 2. Create USer "ABC" in AD 3. use these Settings: ```REMOTE_AUTH_ENABLED = True REMOTE_AUTH_BACKEND = 'netbox.authentication.LDAPBackend' REMOTE_AUTH_HEADER = 'HTTP_REMOTE_USER' REMOTE_AUTH_AUTO_CREATE_USER = True REMOTE_AUTH_DEFAULT_GROUPS = [] REMOTE_AUTH_DEFAULT_PERMISSIONS = {} ``` 6. Login as user abc 7. Logout 8. Login as User ABC 9. Error ### Expected Behavior In Django and Netbox it is possible to use two users abc/ABC without problems. So i think netbox.authentication.LDAPBackend should also support it. ### Observed Behavior ![MicrosoftTeams-image (1)](https://user-images.githubusercontent.com/4257211/210804519-9947afa9-3107-464a-b3c0-8518c453bde8.png)
adam closed this issue 2025-12-29 20:23:40 +01:00
adam commented 2025-12-29 20:23:42 +01:00
Author
Owner
Copy Link

@ziggekatten commented on GitHub (Jan 5, 2023):

Active Directory is case insensitive, so you would always get more than one user back in the response.

So it's really not a netbox issue other than it expect only one user in response.

Why one would like to have two users, one with lowercase and one uppercase I can't really find the usecase for.

@ziggekatten commented on GitHub (Jan 5, 2023): Active Directory is case insensitive, so you would always get more than one user back in the response. So it's really not a netbox issue other than it expect only one user in response. Why one would like to have two users, one with lowercase and one uppercase I can't really find the usecase for.
adam commented 2025-12-29 20:23:43 +01:00
Author
Owner
Copy Link

@k3x commented on GitHub (Jan 6, 2023):

Well in fact it should be the same user in our company, but somehow it was created in Netbox with different lowercase/uppercase letters resulting in the error above.

I didn't notive AD is case-insensitive. Maybe netbox.authentication.LDAPBackend should call lower() on all usernames to mitigate these problems?

@k3x commented on GitHub (Jan 6, 2023): Well in fact it should be the same user in our company, but somehow it was created in Netbox with different lowercase/uppercase letters resulting in the error above. I didn't notive AD is case-insensitive. Maybe netbox.authentication.LDAPBackend should call lower() on all usernames to mitigate these problems?
adam commented 2025-12-29 20:23:43 +01:00
Author
Owner
Copy Link

@jeremystretch commented on GitHub (Jan 6, 2023):

Maybe netbox.authentication.LDAPBackend should call lower() on all usernames to mitigate these problems?

This would be dangerous, as AD does track these as two different accounts. If we were to treat them as one, it would potentially allow a user to authenticate as account A with credentials for account B.

Can you share a complete stack trace so I get a better idea of what's happening to trigger the exception?

@jeremystretch commented on GitHub (Jan 6, 2023): > Maybe netbox.authentication.LDAPBackend should call lower() on all usernames to mitigate these problems? This would be dangerous, as AD does track these as two different accounts. If we were to treat them as one, it would potentially allow a user to authenticate as account A with credentials for account B. Can you share a complete stack trace so I get a better idea of what's happening to trigger the exception?
adam commented 2025-12-29 20:23:43 +01:00
Author
Owner
Copy Link

@github-actions[bot] commented on GitHub (Apr 7, 2023):

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. NetBox is governed by a small group of core maintainers which means not all opened issues may receive direct feedback. Do not attempt to circumvent this process by "bumping" the issue; doing so will result in its immediate closure and you may be barred from participating in any future discussions. Please see our contributing guide.

@github-actions[bot] commented on GitHub (Apr 7, 2023): This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. NetBox is governed by a small group of core maintainers which means not all opened issues may receive direct feedback. **Do not** attempt to circumvent this process by "bumping" the issue; doing so will result in its immediate closure and you may be barred from participating in any future discussions. Please see our [contributing guide](https://github.com/netbox-community/netbox/blob/develop/CONTRIBUTING.md).
adam commented 2025-12-29 20:23:43 +01:00
Author
Owner
Copy Link

@jeremystretch commented on GitHub (May 2, 2023):

Closing this out as it doesn't appear to require any further action.

@jeremystretch commented on GitHub (May 2, 2023): Closing this out as it doesn't appear to require any further action.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
beta
breaking change
complexity: high
complexity: low
complexity: medium
needs milestone
netbox
pending closure
plugin candidate
pull-request
Mirrored from GitHub Pull Request
 severity: high
severity: low
severity: medium
status: accepted
status: backlog
status: blocked
status: duplicate
status: needs owner
status: needs triage
status: revisions needed
status: under review
topic: GraphQL
topic: Internationalization
topic: OpenAPI
topic: UI/UX
topic: cabling
topic: event rules
topic: htmx navigation
topic: industrialization
topic: migrations
topic: plugins
topic: scripts
topic: templating
topic: testing
type: bug
type: deprecation
type: documentation
type: feature
type: housekeeping
type: translation
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
adam
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/netbox#7460
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?