Hi everyone,
We are using FreeIPA as the LDAP backend, and importing fails due to users that have multiple "mail" attributes on them.
The problem seems to be that whatever library is used for the LDAP client returns a list of email addresses, which is sent to the database. The database is supposed to check equality of a string and a list, which obviously fails.
Proposal: In case the "email" attribute is a list (i.e. multiple e-mail addresses), just use the very first item in the list for authentication. However, store all e-mail addresses as aliases for mail routing.
Logs (redacted):
[2022-01-31 17:43:01.167130]: [ERROR] (flask.app) Database query failed: (MySQLdb._exceptions.OperationalError) (4078, "Illegal parameter data types varchar and row for operation '='")
[2022-01-31 17:43:01.167130]: [SQL: SELECT users.id AS users_id, users.primary_email AS users_primary_email, users.password AS users_password, users.domain_id AS users_domain_id, users.address_status AS users_address_status, users.privilege_bits AS users_privilege_bits, users.externid AS users_externid, users.chat_id AS users_chat_id, users.sync_policy AS users_sync_policy, users.max_size AS users_max_size, (SELECT NULL) AS anon_1, (SELECT NULL) AS anon_2, users.group_id AS users_group_id, users.username AS users_username, users.maildir AS users_maildir, users.lang AS users_lang
[2022-01-31 17:43:01.167130]: FROM users
[2022-01-31 17:43:01.167130]: WHERE users.externid = %s OR users.username = %s
[2022-01-31 17:43:01.167130]: LIMIT %s]
[2022-01-31 17:43:01.167130]: [parameters: (b'756800003', ['bob@tld.com', 'ceo@tld.com'], 1)]
[2022-01-31 17:43:01.167130]: (Background on this error at: http://sqlalche.me/e/13/e3q8)
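
The normalisation proposed in the post above, as an added example that is not part of the original post or the project's code: it reduces a single- or multi-valued mail attribute to one login address plus aliases, so only scalars are bound to the query. The function name, the dictionary keys and the sample entry are assumptions constructed from the parameters shown in the log.

```python
from typing import Iterable, List, Optional, Tuple, Union

RawValue = Union[str, bytes]


def _to_text(value: RawValue) -> str:
    """LDAP clients may hand back bytes or str; normalise to stripped text."""
    if isinstance(value, bytes):
        value = value.decode("utf-8")
    return value.strip()


def split_mail_attribute(
    raw: Union[RawValue, Iterable[RawValue], None],
) -> Tuple[Optional[str], List[str]]:
    """Return (primary, aliases) from a single- or multi-valued mail attribute.

    The first usable value becomes the login identity and the rest become
    aliases. Values that differ only in case are treated as duplicates so
    the same mailbox is not registered twice.
    """
    if raw is None:
        return None, []
    if isinstance(raw, (str, bytes)):
        raw = [raw]  # single-valued attribute: treat as a one-item list
    seen, ordered = set(), []
    for value in raw:
        text = _to_text(value)
        # Skip empty values and anything not shaped like local@domain.
        local, sep, domain = text.rpartition("@")
        if not (local and sep and domain):
            continue
        key = text.lower()
        if key not in seen:
            seen.add(key)
            ordered.append(text)
    if not ordered:
        return None, []
    return ordered[0], ordered[1:]


# Constructed sample mirroring the parameters in the log above.
entry = {"externid": b"756800003", "mail": ["bob@tld.com", "ceo@tld.com"]}
primary, aliases = split_mail_attribute(entry["mail"])
# Only scalars are bound, so "users.username = %s" compares varchar to varchar.
query_params = (entry["externid"], primary, 1)
```

LDAP does not define an order for the values of a multi-valued attribute, so "first" can differ between servers or queries; a deployment that uses the result as the login identity may want a deterministic rule instead.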