Bug: Users with unicode characters from LDAP are not created correctly #83

New Issue

OVERLORD · 2026-02-04T16:37:13+03:00

OVERLORD commented

2026-02-04 16:37:13 +03:00

Originally created by @SergioMendolia on GitHub (Mar 30, 2016).

Hello,

I have some users with accent in their name that cannot login after first time. When they try to login for the first time, their account is created and they are able to use the wiki. But whenever they try to login a second time it doesn't work.
when I look into the account, the external auth ID is truncated after their Accent, IE:
CN=Micka instead of CN=Mickaël Mathieu,OU=Users_Lausanne,DC=domain,DC=ch

I tried to manually update the auth ID, and afterwards when they try to login with debug=true, they get the following message:
QueryException in Connection.php line 669: SQLSTATE[23000]: Integrity constraint violation: 1062 Duplicate entry 'mickael.mathieu@domain.ch' for key 'users_email_unique' (SQL: insert intousers(name,external_auth_id,email,email_confirmed,remember_token,updated_at,created_at) values (Micka�l Mathieu, CN=Micka�l Mathieu,OU=Users_Lausanne,DC=domain,DC=ch, mickael.mathieu@domain.ch, 1, [edited:hash], 2016-03-30 07:06:58, 2016-03-30 07:06:58)

Originally created by @SergioMendolia on GitHub (Mar 30, 2016). Hello, I have some users with accent in their name that cannot login after first time. When they try to login for the first time, their account is created and they are able to use the wiki. But whenever they try to login a second time it doesn't work. when I look into the account, the external auth ID is truncated after their Accent, IE: `CN=Micka` instead of `CN=Mickaël Mathieu,OU=Users_Lausanne,DC=domain,DC=ch` I tried to manually update the auth ID, and afterwards when they try to login with debug=true, they get the following message: `QueryException in Connection.php line 669: SQLSTATE[23000]: Integrity constraint violation: 1062 Duplicate entry 'mickael.mathieu@domain.ch' for key 'users_email_unique' (SQL: insert into`users`(`name`,`external_auth_id`,`email`,`email_confirmed`,`remember_token`,`updated_at`,`created_at`) values (Micka�l Mathieu, CN=Micka�l Mathieu,OU=Users_Lausanne,DC=domain,DC=ch, mickael.mathieu@domain.ch, 1, [edited:hash], 2016-03-30 07:06:58, 2016-03-30 07:06:58)`

OVERLORD added the 🐛 Bug label 2026-02-04 16:37:13 +03:00

OVERLORD closed this issue

2026-02-04 16:37:15 +03:00

OVERLORD commented

2026-02-04 16:37:32 +03:00

@ssddanbrown commented on GitHub (Mar 30, 2016):

Hi @sirgix,

I've tried to replicate this issue but I can't seem to produce the same results as reported. I used the name Mickaël Mathieu for a new user on my LDAP server and could log in with that name without issue (Multiple times).

Are unicode characters working in other areas of the application such as in a page?

Also, Would you be able to provide the LDAP_USER_FILTER you're using?

@ssddanbrown commented on GitHub (Mar 30, 2016): Hi @sirgix, I've tried to replicate this issue but I can't seem to produce the same results as reported. I used the name `Mickaël Mathieu` for a new user on my LDAP server and could log in with that name without issue (Multiple times). Are unicode characters working in other areas of the application such as in a page? Also, Would you be able to provide the LDAP_USER_FILTER you're using?

OVERLORD commented

2026-02-04 16:37:41 +03:00

@SergioMendolia commented on GitHub (Mar 31, 2016):

Hey @ssddanbrown

All unicode characters are fine elsewehere. It's only in this error message that they are not correctly encoded.

also:

LDAP_USER_FILTER=(&(mail=${user}))
LDAP_VERSION=false

Thanks a lot !

@SergioMendolia commented on GitHub (Mar 31, 2016): Hey @ssddanbrown All unicode characters are fine elsewehere. It's only in this error message that they are not correctly encoded. also: ``` LDAP_USER_FILTER=(&(mail=${user})) LDAP_VERSION=false ``` Thanks a lot !

OVERLORD commented

2026-02-04 16:37:44 +03:00

@ssddanbrown commented on GitHub (Apr 3, 2016):

Hi @sirgix,

I've done some more testing, Made my set-up much more like yours (Used the same filter, Forced the system to use DN's as the UID) but I still can't get this issue to occur.

The database Exception you're getting is due to the AuthID's not matching (Due to the encoding issue) and therefore BookStack tries to create a new user but this fails since a user with that Email already exists.

Since you're not seeing the same issues anywhere else I'm starting to think it may be due to the encoding from your LDAP server. Could you double check on the exact encoding your LDAP server is using?

@ssddanbrown commented on GitHub (Apr 3, 2016): Hi @sirgix, I've done some more testing, Made my set-up much more like yours (Used the same filter, Forced the system to use DN's as the UID) but I still can't get this issue to occur. The database Exception you're getting is due to the AuthID's not matching (Due to the encoding issue) and therefore BookStack tries to create a new user but this fails since a user with that Email already exists. Since you're not seeing the same issues anywhere else I'm starting to think it may be due to the encoding from your LDAP server. Could you double check on the exact encoding your LDAP server is using?

OVERLORD commented

2026-02-04 16:37:50 +03:00

@SergioMendolia commented on GitHub (Apr 3, 2016):

@ssddanbrown don't worry, thanks a lot for your help! I'll try and look at it myself this week and then I'll make a PR when I find the problem, directly on our system!

@SergioMendolia commented on GitHub (Apr 3, 2016): @ssddanbrown don't worry, thanks a lot for your help! I'll try and look at it myself this week and then I'll make a PR when I find the problem, directly on our system!

OVERLORD commented

2026-02-04 16:38:02 +03:00

@SergioMendolia commented on GitHub (Apr 6, 2016):

@ssddanbrown I found the problem. I had to specify ldap_version to 3 and then enconding is correct.

We have a pretty old LDAP server and maybe not setting the version specifically doesn't enforce utf8? I don't really know the why, but it works now!

@SergioMendolia commented on GitHub (Apr 6, 2016): @ssddanbrown I found the problem. I had to specify ldap_version to 3 and then enconding is correct. We have a pretty old LDAP server and maybe not setting the version specifically doesn't enforce utf8? I don't really know the why, but it works now!

OVERLORD referenced this issue

2026-02-04 22:19:51 +03:00

after upgrade, clicking 'Edit Profile' throws an error - ReflectionException (-1) Class SocialiteProviders\GitLab\GitLabExtendSocialite does not exist #804

OVERLORD referenced this issue

2026-02-05 00:06:06 +03:00

Date on Exported PDF is in UTC #1157

Sign in to join this conversation.