Issue 2720: LDAP login not case sensitive - convolutes acct ids; increments acct id sequence
Status:  Invalid
Owner: ----
Closed:  Jun 2014
Reported by supersky...@gmail.com, Jun 17, 2014
Affected Versions: 2.8.3, 2.9

What steps will reproduce the problem?
1. Log in via LDAP (i.e. Gerald.R.Ford) and establish account
2. Sign out
3. Log in via LDAP using same username but with different case (i.e. gerald.r.ford)

What is the expected output? 
The expected result is to be signed into the same account that was established with the original username (in camel-case) or perhaps rejected because of "name already in use" as in version 2.7.

What do you see instead?
The result is to be signed into a new account. In addition, the new account is usually given an external account user id that is already in use, resulting in one user's account showing another user's name. 

In 2.9 this occurred only the first time. Each subsequent time the lower case username is rejected (which I suppose is ok), however, the acct id sequence is incremented for no apparent reason. 


Please provide any additional information below.
This is easily reproduced in 2.8.3. I incremented the acct id sequence and manipulated the 'account_external_ids' table to fix the convoluted names for 6 users. Then I instructed them to use camel-case only. I won't be able to do this for 100's of users. 

I reproduced it once in 2.9-rc2 but this may have been a result of altering the account id sequence previous to upgrading. It seems to have reset to a lower (used) value during the upgrade. The only reason I changed the acct id sequence was in an attempt to prevent the current accounts from becoming convoluted every time someone logged in differently (case-wise) than than they had the first time.

So I think the "duplicate" account creation might be fixed in 2.9-rc2, I'm just not sure, but the acct id sequence does not not need to increment every time a login is rejected.

Jun 23, 2014
Project Member #1 edwin.ke...@gmail.com
You can configure case insensitive login for LDAP, see
  https://gerrit-review.googlesource.com/Documentation/config-gerrit.html#ldap.localUsernameToLowerCase
Status: Invalid