Zammad LDAP-Sync broken when renaming a User in Active Directory

Technical assistance
1
  • Used Zammad version: 4.0
  • Used Zammad installation type: package
  • Operating system: Linux Ubuntu 18.04.5 LTS
  • Browser + version: Newest Google Chrome

### Expected behavior:
After Renaming a User in Active Directory the next LDAP-Sync from Zammad renames the user in its database.

### Actual behavior:
After renaming a User in Active Directory the next LDAP-Sync disables the old user, creates a new one. From now on every LDAP-Sync changes the user name of the new user with a random 3 digit number behind. To work around this i need to delete the new user, reactive the old user, and delete the old user too.

image
image731×125 5.9 KB

image
image498×625 18.7 KB

every ldap-sync changes the number in the username

### Steps to reproduce the behavior:
Search for an Active-Directory-User which is already synced to Zammad (via LDAP-Sync).
Rename it in the Active Directory(all name-attributes including the username!)
Rename its exchange mail-adress (if thats important - i don’t know)
Run the ldap-sync some times.

image
image526×510 14.9 KB

image

(Is this the right Platform for getting help or should I use github for that? I couldn’t find any similar problems with Zammad)

2

Please show your ldap configuration of Zammad.
Just a side mark: I have never seen an ldap changing samaccount names magically on their own.

Zammad only retreives information so whatever field you map there is the culprit.

3

Thanks for the help.
It’s really a strange thing.

Btw. you tested this on github already: LDAP-Sync broken after Renaming an Active-Directory User · Issue #3607 · zammad/zammad · GitHub
(Probably it just happens if renaming name, samaacountname AND email at once)

I hope the following Screenshots provide all LDAP-Configurations you might need:

image
image626×1001 51.4 KB

image
image
image1333×436 19.5 KB

4

Really can’t tell whats going wrong here.
The settings and mappings to match my environment and it doesn’t do the things it does on your end.

Did you change the environments (e.g. your LDAP) at some point?
Did you verify with an ldap browser that your ldap is not providing that odd data?

5

This problem has not occurred for some time.
Next time I will look with an LDAP browser if it shows the strange numbers inside the samaacountname.

6

I can confirm the behavior of Zammad creating a new user and deactivating both the old and new account. After deleting both user, the new user will be recreated and stays active.
I don’t have the strange behavior with random 3 digits.

7

That only happens if the Unique Identifier is not being used correctly and thus Zammad not being able to find the “old” account any longer. This is a configuration issue.

8

This topic was automatically closed 120 days after the last reply. New replies are no longer allowed.