Cloudron LDAP middle name not correctly propagated
-
On Cloudron side, because we have only one input box, we simplistically just split on space and use the first and last words as first and last name. The middle name is just never exposed via LDAP. Obviously, this will break in a variety of names on apps that use separate first and last names.
-
@girish then this will also give issues with people who has a double first name like Marie Therese van der Steen will be Marie Steen or double last names like Marie Therese van der Steen tot Oberndorff and that is also absolutely unacceptable.
Maybe the solution is simple: your code is trying to divide the first and last names. If you create only a First Name and Last Name field and migrate current users accoding to the current code. Then admins are able to correct all double first, lastnames and add middle names to lastnames?
btw: the names here are of course fiction but the names by itself do excist.
-
@imc67 while there is an issue in Cloudron with how it treats the names, I think what's actually needed is to fix the WP plugin. Practically none of the app require the first name and last name separated. Meaning, fixing the cloudron code may not actually fix your problem.
I did a quick check, the following apps will have trouble:
moodle-app
redmine-app
openproject-app
wordpress-managed
matomo-app
metabase-app
dolibarr-appJust going through the apps now to see if they support "middle name".
-
moodle - https://docs.moodle.org/401/en/LDAP_authentication#Data_Mapping no middle name support
redmine - https://www.redmine.org/projects/redmine/wiki/RedmineLDAP no middle name
openproject - cannot find a link but has no middle name support
metabase - https://www.metabase.com/docs/latest/configuring-metabase/environment-variables no middle name support
ok, I will stop here.
-
@imc67 Generally, if a software has first name and last name as separate input boxes, do you just skip the middle name? Or do you put the middle name along in the last name input box? I think we can arrive at some workaround based on your answer.
-
For further clarification Cloudron generally only takes a free form field for the name (basically firstname + lastname)
In LDAP this will be set as the
displayName
which is what most apps should use. But there are alsogivenName
(firstname) andsn
(surname) LDAP attributes, which we fill based on the first and the last word of that input field value. -
@nebulon said in Cloudron LDAP middle name not correctly propagated:
In LDAP this will be set as the displayName which is what most apps should use. But there are also givenName (firstname) and sn (surname) LDAP attributes, which we fill based on the first and the last word of that input field value.
If I've understood correctly what @imc67 is saying is why not:
- Keep givenName (firstname) as the first word, just as you have it
- Make sn (surname) all the rest of the words (not just the last word) to catch middle names and unhyphenated surnames with multiple words.
Sounds sensible to me. Is there a reason that wouldn't work?
-
@girish said in Cloudron LDAP middle name not correctly propagated:
Currently, we don't have first name and last name separate.
This would be also really nice in terms of privacy because I (and many others) don't want their full name exposed in certain apps and I had to come up with some workarounds in the past to ensure that.
-
Thanks for the input. I guess we have to have separate input boxes for first and last name in Cloudron to fix this. And also store them separately in the database instead of a single displayname field.
-
-