Hi,
I don’t know if this is an sssd bug or not:
On a RHEL 9 machine, a local user with “ø”, “å” or “æ” in their Full Name gets their name displayed fine on the login window on gnome.
However, users with those characters in their full name that are fetched from LDAP get those characters truncated when displaying on the Lock Screen/login window.
Sending a screenshot. The third user should be “Røys”.
I tested it with other users, and it seems that this happens with base64-encoded UTF8 strings fetched from LDAP.
Is is an SSSD issue? Is there a fix?
Best,
Francis
Never mind. Just realized that it was our gecos value that was truncated. Using `ldap_user_gecos = cn` fixed it.
On 3 Mar 2025, at 09:31, Francis Augusto Medeiros-Logeay via sssd-users sssd-users@lists.fedorahosted.org wrote:
Hi,
I don’t know if this is an sssd bug or not:
On a RHEL 9 machine, a local user with “ø”, “å” or “æ” in their Full Name gets their name displayed fine on the login window on gnome.
However, users with those characters in their full name that are fetched from LDAP get those characters truncated when displaying on the Lock Screen/login window.
Sending a screenshot. The third user should be “Røys”.
I tested it with other users, and it seems that this happens with base64-encoded UTF8 strings fetched from LDAP.
Is is an SSSD issue? Is there a fix?
Best,
Francis <Screenshot 2025-03-03 at 09.08.01.png>-- _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.o... Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
On Пан, 03 сак 2025, Francis Augusto Medeiros-Logeay via sssd-users wrote:
Never mind. Just realized that it was our gecos value that was truncated. Using `ldap_user_gecos = cn` fixed it.
RFC22307 defines gecos field as IA5String. IA5String is basically 128 characters of ASCII. So you cannot use UTF-8 with gecos field in LDAP.
The only reasonable way is to remap gecos in SSSD like you did with `ldap_user_gecos = cn`.
On 3 Mar 2025, at 09:31, Francis Augusto Medeiros-Logeay via sssd-users sssd-users@lists.fedorahosted.org wrote:
Hi,
I don’t know if this is an sssd bug or not:
On a RHEL 9 machine, a local user with “ø”, “å” or “æ” in their Full Name gets their name displayed fine on the login window on gnome.
However, users with those characters in their full name that are fetched from LDAP get those characters truncated when displaying on the Lock Screen/login window.
Sending a screenshot. The third user should be “Røys”.
I tested it with other users, and it seems that this happens with base64-encoded UTF8 strings fetched from LDAP.
Is is an SSSD issue? Is there a fix?
Best,
Francis <Screenshot 2025-03-03 at 09.08.01.png>-- _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.o... Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
-- _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.o... Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Ah, thanks Alexander - good to know.
Best,
Francis
--- Francis Augusto Medeiros-Logeay Oslo, Norway
On 2025-03-03 09:46, Alexander Bokovoy via sssd-users wrote:
On Пан, 03 сак 2025, Francis Augusto Medeiros-Logeay via sssd-users wrote:
Never mind. Just realized that it was our gecos value that was truncated. Using `ldap_user_gecos = cn` fixed it.
RFC22307 defines gecos field as IA5String. IA5String is basically 128 characters of ASCII. So you cannot use UTF-8 with gecos field in LDAP.
The only reasonable way is to remap gecos in SSSD like you did with `ldap_user_gecos = cn`.
On 3 Mar 2025, at 09:31, Francis Augusto Medeiros-Logeay via sssd-users sssd-users@lists.fedorahosted.org wrote:
Hi,
I don’t know if this is an sssd bug or not:
On a RHEL 9 machine, a local user with “ø”, “å” or “æ” in their Full Name gets their name displayed fine on the login window on gnome.
However, users with those characters in their full name that are fetched from LDAP get those characters truncated when displaying on the Lock Screen/login window.
Sending a screenshot. The third user should be “Røys”.
I tested it with other users, and it seems that this happens with base64-encoded UTF8 strings fetched from LDAP.
Is is an SSSD issue? Is there a fix?
Best,
Francis <Screenshot 2025-03-03 at 09.08.01.png>-- _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.o... Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
-- _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.o... Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
-- / Alexander Bokovoy Sr. Principal Software Engineer Security / Identity Management Engineering Red Hat Limited, Finland
Am Mon, Mar 03, 2025 at 09:31:46AM +0100 schrieb Francis Augusto Medeiros-Logeay via sssd-users:
Hi,
I don’t know if this is an sssd bug or not:
On a RHEL 9 machine, a local user with “ø”, “å” or “æ” in their Full Name gets their name displayed fine on the login window on gnome.
However, users with those characters in their full name that are fetched from LDAP get those characters truncated when displaying on the Lock Screen/login window.
Sending a screenshot. The third user should be “Røys”.
I tested it with other users, and it seems that this happens with base64-encoded UTF8 strings fetched from LDAP.
Hi,
what does `getent passwd username` in the GECOS files (the one before the home directory)? Typically it should contain the full name, is it displayed correctly here?
bye, Sumit
Is is an SSSD issue? Is there a fix?
Best,
Francis
-- _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.o... Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
On 3 Mar 2025, at 09:59, Sumit Bose sbose@redhat.com wrote:
Am Mon, Mar 03, 2025 at 09:31:46AM +0100 schrieb Francis Augusto Medeiros-Logeay via sssd-users:
Hi,
I don’t know if this is an sssd bug or not:
On a RHEL 9 machine, a local user with “ø”, “å” or “æ” in their Full Name gets their name displayed fine on the login window on gnome.
However, users with those characters in their full name that are fetched from LDAP get those characters truncated when displaying on the Lock Screen/login window.
Sending a screenshot. The third user should be “Røys”.
I tested it with other users, and it seems that this happens with base64-encoded UTF8 strings fetched from LDAP.
Hi,
what does `getent passwd username` in the GECOS files (the one before the home directory)? Typically it should contain the full name, is it displayed correctly here?
bye, Sumit
No, it wasn’t. An ldapsearched show me that cn was right encoded, but not gecos. So I just mapped it to cn and it works fine now.
Best Francis
sssd-users@lists.fedorahosted.org
-
Alexander Bokovoy -
Francis Augusto Medeiros-Logeay -
Sumit Bose