First Last Prev Next    This bug is not in your last search results.
Bug 56353 - Usernames invalid for Windows login are allowed in UCS (f.e. con.*)
Usernames invalid for Windows login are allowed in UCS (f.e. con.*)
Status: NEW
Product: UCS
Classification: Unclassified
Component: Samba
UCS 5.0
Other Linux
: P5 normal (vote)
: ---
Assigned To: Samba maintainers
Samba maintainers
https://git.knut.univention.de/univen...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2023-07-26 10:36 CEST by Jan-Luca Kiok
Modified: 2023-07-31 08:39 CEST (History)
1 user (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 5: Major Usability: Impairs usability in key scenarios
Who will be affected by this bug?: 1: Will affect a very few installed domains
How will those affected feel about the bug?: 5: Blocking further progress on the daily work
User Pain: 0.143
Enterprise Customer affected?: Yes
School Customer affected?: Yes
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number: 2023061221000171
Bug group (optional): Regression
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jan-Luca Kiok univentionstaff 2023-07-26 10:36:04 CEST 
+++ This bug was initially created as a clone of Bug #56152 +++

+++ This bug was initially created as a clone of Bug #53519 +++

In Windows, there are some names that are reserved for special use (https://docs.microsoft.com/en-us/windows/win32/fileio/naming-a-file).
With our freely definable scheme we allow user names that can lead to such names. If this happens, no check takes place and diffuse errors occur under Windows.
Most reserved names should be rare to non-existent, with con.* I can think of several names that can lead to such user names; as in the attached ticket.


This was fixed in the UCS@school importer (via not creating these names), but default UCS Samba domains are affected too and currently allow them.
First Last Prev Next    This bug is not in your last search results.