Bug 58206 - Special characters as firstname for school users can be used successfully - subsequent errors in school products
Status: NEW
Alias: None
Product: UCS@school
Classification: Unclassified
Component: General
Version: UCS@school 5.0
Hardware: Other Linux
Importance: P5 normal
Target Milestone: ---
Assignee: UCS@school maintainers
QA Contact:
URL:
Keywords:
Duplicates: 41791
Depends on:
Blocks:
 
Reported: 2025-04-15 14:35 CEST by Mirac Erdemiroglu
Modified: 2025-08-27 17:27 CEST

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 5: Major Usability: Impairs usability in key scenarios
Who will be affected by this bug?: 1: Will affect a very few installed domains
How will those affected feel about the bug?: 2: A Pain – users won’t like this once they notice it
User Pain: 0.057
Enterprise Customer affected?: Yes
School Customer affected?: Yes
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number: 2025041421000112
Bug group (optional): Workaround is available
Customer ID:
Max CVSS v3 score:


Description Mirac Erdemiroglu univentionstaff 2025-04-15 14:35:39 CEST
It is possible to enter special characters in the mandatory firstname field for school users and successfully create school users. This should be intercepted by the processes so that it is not possible. On my test system I have successfully created a school user with a space as firstname. The UDM output then shows firstname=none. This will cause subsequent errors in other school products, such as ucsschool-kelvin-rest-api, because firstname cannot be none. This is a serious mistake at this point and must not be allowed to happen.

Test system: univention-app info
UCS: 5.0-10 errata1240
Installed: dhcp-server=12.0 office365=5.11 prometheus=2.53.3 radius=5.0 samba4=4.16 self-service=5.0 self-service-backend=5.0 ucsschool=5.0 v7 ucsschool-apis=1.1.0 ucsschool-id-connector=3.0.4 ucsschool-kelvin-rest-api=1.10.3 ucsschool-veyon-proxy=4.9.1.12-ucs1 wekan=6.09-ucs1 4.4/openid-connect-provider=2.2-konnect-0.33.11-2


uid=leerzeichen
DN: uid=leerzeichen,cn=schueler,cn=users,ou=mejneschool2,dc=ucs5schoolhejne,dc=intranet
  DeregisteredThroughSelfService: None
  DeregistrationTimestamp: None
  MRAcceptConflictingTimes: 1
  MRAcceptRecurringItems: 1
  MRProcess: 1
  PasswordRecoveryEmail: None
  PasswordRecoveryEmailVerified: None
  PasswordRecoveryMobile: None
  RegisteredThroughSelfService: None
  UniventionOffice365Data: None
  UniventionOffice365Enabled: 0
  UniventionOffice365TokenResetDate: None
  accountActivationDate: None
  birthday: None
  city: None
  country: None
  departmentNumber: mejneschool2
  description: None
  disabled: 0
  displayName: Leerzeichen
  employeeNumber: None
  employeeType: None
  entryUUID: 6280bb72-ae3d-103f-8fa3-0d5e4193fad9
  firstname: None
  gecos: Leerzeichen
  gidNumber: 5305
  groups: cn=Domain Users mejneschool2,cn=groups,ou=mejneschool2,dc=ucs5schoolhejne,dc=intranet
  groups: cn=mejneschool2-Test-Klasse-5D,cn=klassen,cn=schueler,cn=groups,ou=mejneschool2,dc=ucs5schoolhejne,dc=intranet
  groups: cn=schueler-mejneschool2,cn=groups,ou=mejneschool2,dc=ucs5schoolhejne,dc=intranet
  homeShare: None
  homeSharePath: None
  homedrive: I:
  initials: None
  jitsimeetActivated: None
  jpegPhoto: None
  k4uUserServer: None
  lastbind: None
  lastname: Leerzeichen
  locked: 0
  lockedTime: 0
  mailForwardCopyToSelf: 0
  mailHomeServer: None
  mailPrimaryAddress: None
  mailUserQuota: 0
  modifyTimestamp: 20250415120327Z
  networkAccess: 0
  organisation: None
  overridePWHistory: None
  overridePWLength: None
<skip>


uid=sonderzeichen
DN: uid=sonderzeichen,cn=schueler,cn=users,ou=mejneschool2,dc=ucs5schoolhejne,dc=intranet
  DeregisteredThroughSelfService: None
  DeregistrationTimestamp: None
  MRAcceptConflictingTimes: 1
  MRAcceptRecurringItems: 1
  MRProcess: 1
  PasswordRecoveryEmail: None
  PasswordRecoveryEmailVerified: None
  PasswordRecoveryMobile: None
  RegisteredThroughSelfService: None
  UniventionOffice365Data: None
  UniventionOffice365Enabled: 0
  UniventionOffice365TokenResetDate: None
  accountActivationDate: None
  birthday: None
  city: None
  country: None
  departmentNumber: mejneschool2
  description: None
  disabled: 0
  displayName: &%^$#@ Sonderzeichen
  employeeNumber: None
  employeeType: None
  entryUUID: 313b9f20-ae40-103f-8fad-0d5e4193fad9
  firstname: &%^$#@
  gecos: &%^$#@ Sonderzeichen
  gidNumber: 5305
  groups: cn=Domain Users mejneschool2,cn=groups,ou=mejneschool2,dc=ucs5schoolhejne,dc=intranet
  groups: cn=mejneschool2-mejne2-Klasse,cn=klassen,cn=schueler,cn=groups,ou=mejneschool2,dc=ucs5schoolhejne,dc=intranet
  groups: cn=schueler-mejneschool2,cn=groups,ou=mejneschool2,dc=ucs5schoolhejne,dc=intranet
  homeShare: None
  homeSharePath: None
  homedrive: I:
  initials: None
  jitsimeetActivated: None
  jpegPhoto: None
  k4uUserServer: None
  lastbind: None
  lastname: Sonderzeichen
  locked: 0
  lockedTime: 0
  mailForwardCopyToSelf: 0
  mailHomeServer: None
  mailPrimaryAddress: None
  mailUserQuota: 0
  modifyTimestamp: 20250415122333Z
  networkAccess: 0
  organisation: None
  overridePWHistory: None
  overridePWLength: None
<skip>
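Added example (not part of the original report and not Univention code): a small audit over a user listing in the layout shown above, flagging accounts whose firstname is unset (rendered as None) or contains no letter at all, which also rejects a whitespace-only value at input time. The "at least one letter" rule, the function names and the third sample record are assumptions; the report does not define which characters should be allowed.

```python
# Constructed sample in the "DN: ... / attribute: value" layout shown in the
# report, cut down to the relevant attributes; the third record is invented.
SAMPLE = """\
DN: uid=leerzeichen,cn=schueler,cn=users,ou=mejneschool2,dc=ucs5schoolhejne,dc=intranet
  displayName: Leerzeichen
  firstname: None
  lastname: Leerzeichen

DN: uid=sonderzeichen,cn=schueler,cn=users,ou=mejneschool2,dc=ucs5schoolhejne,dc=intranet
  displayName: &%^$#@ Sonderzeichen
  firstname: &%^$#@
  lastname: Sonderzeichen

DN: uid=anna.example,cn=schueler,cn=users,ou=mejneschool2,dc=ucs5schoolhejne,dc=intranet
  firstname: Anna-Lena
  lastname: Example
"""


def parse_records(text):
    """Split a listing into one dict per object, keyed by attribute name."""
    records, current = [], None
    for line in text.splitlines():
        if line.startswith("DN: "):
            current = {"DN": line[4:].strip()}
            records.append(current)
        elif current is not None and ":" in line:
            # Split on the first colon only, so values like "I:" survive.
            key, _, value = line.strip().partition(":")
            current[key.strip()] = value.strip()
    return records


def firstname_problem(value):
    """Return a reason string, or None if the value passes the assumed policy."""
    value = (value or "").strip()      # a lone space collapses to empty
    if value in ("", "None"):          # the listing renders unset as "None"
        return "missing"
    if not any(ch.isalpha() for ch in value):
        return "no letters"
    return None


def audit(text):
    """List (DN, reason) for every record with an unusable firstname."""
    hits = ((r["DN"], firstname_problem(r.get("firstname"))) for r in parse_records(text))
    return [(dn, reason) for dn, reason in hits if reason]


if __name__ == "__main__":
    for dn, reason in audit(SAMPLE):
        print(f"{reason}: {dn}")
```
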
Comment 1 Mirac Erdemiroglu univentionstaff 2025-04-15 15:47:29 CEST
Another side effect: while creating the school exam, I get the following error message.


Could not fulfill the request.

Server error message:

The following students have validation errors:

uid=leerzeichen,cn=schueler,cn=users,ou=mejneschool2,dc=ucs5schoolhejne,dc=intranet
firstname: "First name" is required. Please provide this information.

The student data must be corrected by an Administrator before the students can be added to the exam.
Comment 2 Florian Best univentionstaff 2025-04-15 17:07:28 CEST
*** Bug 41791 has been marked as a duplicate of this bug. ***
Comment 4 Mirac Erdemiroglu univentionstaff 2025-08-27 17:27:40 CEST
Changed user pain.