Hide Forgot
Description of problem: Per summary. This may be a reasonable behaviour for POSIX groups, but should not be blocked for non-POSIX groups. Version-Release number of selected component (if applicable): ipa-server-4.2.0-15.el7_2.17.x86_64 How reproducible: Always Steps to Reproduce: 1. Navigate to User Groups, + ADD 2. Provide reasonable group name, e.g. "équipe" 3. See error message 4. Switch to Normal or Extended group, same message Actual results: Error message Expected results: Takes reasonable group name Additional info: ldapadd can add a group with such a name just fine. The UI seems to display and operate on the groups OK. If IPA displays groups from external sources, it will see groups with UTF characters. LDAP spec allows for UTF characters in group names. Suspect check was implemented for POSIX groups and was not limited to only POSIX groups.
Upstream ticket: https://fedorahosted.org/freeipa/ticket/6283
Currently all group types shares the same validation logic for their name. It is true that it for non-posix groups doesn't have to be so strict. But this change may bring other issues. E.g. it may prevent non-posix to posix group conversion. Or other currently unforseen one. Given that IPA upstream has ~ 1200 opened bugs and RFEs we need to prioritize carefully. So far this RFE doesn't seems to have big enough demand to be implemented/investigated more.
There weren't any other request for this RFE. Given the possible limitation of other use cases (change to POSIX), the change is controversial. Thus closing.