Downcase LDAP DN/External UID
Zendesk issue: https://gitlab.zendesk.com/agent/tickets/48736
A customer is experiencing a rather difficult issue with LDAP group sync. They observed that the member join time was being 'updated' for each group member every hour or two (basically, when the sync runs). Debugging led us to understand that the LDAP DN was not being matched correctly due to casing issues.
For example, in extern_uid
maybe the DN was UID=foo,DC=bar
but when we compare the DN, or attempt to find it in the access levels object we use uid=foo,dc=bar
. In all cases we should lower the DN before comparing.
I'm sure @jacobvosmaer-gitlab will be interested to hear this bug as we've spent much time discussing DNs and comparison.
I'll take a look to see the best way to fix this. It may be as 'simple' as lowering the case in the sync for now. Or maybe we resurrect the ol' DN sanitization scheme. We shall see what the path to least resistance is.