Bug 14822 - Non-unique "userprincipalname" attributes MUST be forbidden
Summary: Non-unique "userprincipalname" attributes MUST be forbidden
Status: NEW
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: AD: LDB/DSDB/SAMDB (show other bugs)
Version: 4.11.1
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Samba QA Contact
QA Contact: Samba QA Contact
Depends on:
Reported: 2021-09-06 10:58 UTC by Kacper
Modified: 2021-09-07 00:58 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Kacper 2021-09-06 10:58:44 UTC
With Samba it's currently possible to create (or edit) a user's userprincipalname attribute with a value that already exists in the domain. This results in non-unique "userprincipalname" attributes and MUST be forbidden. A Windows AD controller does not allow this.
Comment 1 Andrew Bartlett 2021-09-07 00:58:35 UTC
Thank you for your report.  We are aware that Samba does not implement this Windows 2012 feature.  We look forward to addressing this in the medium term.


In the meantime we thank you for your patience. 


Andrew Bartlett