Univention Bugzilla – Bug 45058
No join possible if domain administrator has a zero in its username
Last modified: 2023-01-25 12:47:54 CET
Line: base/univention-system-setup/umc/python/setup/util.py:618 ''' # sanitize username reg = re.compile('[^ a-zA-Z_1-9-]') username = reg.sub('_', _username) ''' According to that regex zeros aren't valid in usernames? Anyway I think we should show an error instead of silently replacing characters from the username.
Can you say more about the context? What is the variable username used for?
(In reply to Florian Best from comment #1) > Can you say more about the context? What is the variable username used for? Afaik the username is the domain admin which is used for setup-join.sh. Earlier during the setup then the credentials are checked the username is not modified. (base/univention-system-setup/umc/python/setup/util.py def check_credentials_nonmaster)
While this may be wrong, the only user created during system setup is 'Administrator'. Thus, it is very unlikely that a username with a zero gets passed to the script.
(In reply to Jannik Ahlers from comment #3) > While this may be wrong, the only user created during system setup is > 'Administrator'. > Thus, it is very unlikely that a username with a zero gets passed to the > script. Unlikely yes :) But it is possible to add users to the "Domain Admins" group and use such a user for the join...
I changed the regex for the username validation to also allow a zero. univention-system-setup.yaml 6f7c86605347 | Bug #45058: Domain join now also works when the username has a zero in it univention-system-setup (13.0.3-38) 6f7c86605347 | Bug #45058: Domain join now also works when the username has a zero in it
OK: join possible with domain administrator account having "0" in its username OK: YAML
<https://errata.software-univention.de/#/?erratum=5.0x554>