Describe the bug
When creating, updating or reading LDAP groups, the group names are converted to lowercase. However, this is not true when deleting a group. This leads to a situation where "vault write auth/ldap/MyGroup1" creates a group, but "vault delete auth/ldap/MyGroup1" does not delete it anymore. You have to use "vault delete auth/ldap/mygroup1" instead.
To Reproduce
Steps to reproduce the behavior:
1. $ vault server -dev
   ==> Vault server configuration:
   Administrative Namespace:
   Api Address: http://127.0.0.1:8200
   Cgo: disabled
   Cluster Address: https://127.0.0.1:8201
   Environment Variables: DBUS_SESSION_BUS_ADDRESS, HOME, HOSTTYPE, LANG, LESSCLOSE, LESSOPEN, LOGNAME, LS_COLORS, NAME, OLDPWD, PATH, PWD, SHELL, SHLVL, TERM, USER, WSLENV, WSL_DISTRO_NAME, _
   Go Version: go1.23.3
   Listener 1: tcp (addr: "127.0.0.1:8200", cluster address: "127.0.0.1:8201", disable_request_limiter: "false", max_request_duration: "1m30s", max_request_size: "33554432", tls: "disabled")
   Log Level:
   Mlock: supported: true, enabled: false
   Recovery Mode: false
   Storage: inmem
   Version: Vault v1.18.3, built 2024-12-16T14:00:53Z
2. $ vault auth enable ldap
   Success! Enabled ldap auth method at: ldap/
3. $ vault write auth/ldap/groups/Test policies=123
   Success! Data written to: auth/ldap/groups/Test
4. $ vault read auth/ldap/groups/Test
   Key Value
   policies [123]
5. $ vault read auth/ldap/groups/test
   Key Value
   policies [123]
6. $ vault delete auth/ldap/groups/Test
   Success! Data deleted (if it existed) at: auth/ldap/groups/Test
7. $ vault read auth/ldap/groups/Test
   Key Value
   policies [123]
8. $ vault read auth/ldap/groups/test
   Key Value
   policies [123]
9. $ vault delete auth/ldap/groups/test
   Success! Data deleted (if it existed) at: auth/ldap/groups/test
10. $ vault read auth/ldap/groups/Test
    No value found at auth/ldap/groups/Test
11. $ vault read auth/ldap/groups/test
    No value found at auth/ldap/groups/test
Expected behavior
I would expect that step 6 above deletes the group, the same way it was created, and that the commands in steps 7 and 8 return "No value found".
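
The mismatch reported above, modelled as an added Go example (not code from the report or from Vault): a hypothetical in-memory `groupStore` lowercases names on write and read but not on delete, and `DeleteAndVerify` reads the group back so that a mapping which still grants policies is not mistaken for a deleted one. All type and function names here are assumptions for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// groupStore is a hypothetical model of auth/ldap/groups/ storage, not Vault's code.
type groupStore struct {
	entries         map[string][]string
	normalizeDelete bool // true: Delete lowercases the name like Write and Read
}
func newGroupStore(normalizeDelete bool) *groupStore {
	return &groupStore{entries: map[string][]string{}, normalizeDelete: normalizeDelete}
}

// Write and Read lowercase the group name, as the report describes.
func (s *groupStore) Write(name string, policies []string) {
	s.entries[strings.ToLower(name)] = policies
}
func (s *groupStore) Read(name string) ([]string, bool) {
	p, ok := s.entries[strings.ToLower(name)]
	return p, ok
}

// Delete uses the name as given unless normalizeDelete is set (the reported gap).
func (s *groupStore) Delete(name string) {
	if s.normalizeDelete {
		name = strings.ToLower(name)
	}
	delete(s.entries, name)
}

// DeleteAndVerify reads the group back after deleting it and fails if it survived.
func DeleteAndVerify(s *groupStore, name string) error {
	s.Delete(name)
	if p, ok := s.Read(name); ok {
		return fmt.Errorf("group %q still maps to policies %v after delete", name, p)
	}
	return nil
}

func main() {
	for _, fixed := range []bool{false, true} {
		s := newGroupStore(fixed)
		s.Write("Test", []string{"123"}) // constructed sample mirroring the report
		fmt.Printf("normalizeDelete=%v: %v\n", fixed, DeleteAndVerify(s, "Test"))
	}
}
```

With `normalizeDelete` false the check returns an error for "Test" and succeeds only for "test", matching steps 6 to 11; with it true the first delete removes the group.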