[GH-ISSUE #1164] [BUG] Changing the Display Name of a group changes also its CN #415

New issue

Closed

opened 2026-02-27 08:17:10 +03:00 by kerem · 3 comments

kerem commented 2026-02-27 08:17:10 +03:00

Owner

Copy link

Originally created by @Wrong-Code on GitHub (May 1, 2025).
Original GitHub issue: https://github.com/lldap/lldap/issues/1164

Describe the bug
Changing the Display Name attribute of a group has a side effect to also rename the group (altering its CN) to the same value.

To Reproduce
Steps to reproduce the behavior:

1. Select one group
2. Change its display name
3. Click on Save changes
4. The CN of the group follows the DN change

Expected behavior
CN and displayName are two different attributes. They are managed correctly for users, but not for groups.

Logs
None.

Additional context
None.

Originally created by @Wrong-Code on GitHub (May 1, 2025). Original GitHub issue: https://github.com/lldap/lldap/issues/1164 **Describe the bug** Changing the Display Name attribute of a group has a side effect to also rename the group (altering its CN) to the same value. **To Reproduce** Steps to reproduce the behavior: 1. Select one group 2. Change its display name 3. Click on Save changes 4. The CN of the group follows the DN change **Expected behavior** CN and displayName are two different attributes. They are managed correctly for users, but not for groups. **Logs** None. **Additional context** None.

kerem 2026-02-27 08:17:10 +03:00

• closed this issue
• added the
  bug
  label

kerem commented 2026-02-27 08:17:10 +03:00

Author

Owner

Copy link

@nitnelave commented on GitHub (May 1, 2025):

Actually, in LLDAP they are aliases of each other for groups.

You can create your own custom attribute (e.g. "name") and add a different name for each group, mapping it differently in the various services.

This is intended for simplicity, the use case of groups being a user-facing entity being considered rarer than not, so having a single name/CN for groups simplifies administration.

<!-- gh-comment-id:2844800981 --> @nitnelave commented on GitHub (May 1, 2025): Actually, in LLDAP they are aliases of each other for groups. You can create your own custom attribute (e.g. "name") and add a different name for each group, mapping it differently in the various services. This is intended for simplicity, the use case of groups being a user-facing entity being considered rarer than not, so having a single name/CN for groups simplifies administration.

kerem commented 2026-02-27 08:17:10 +03:00

Author

Owner

Copy link

@Wrong-Code commented on GitHub (May 1, 2025):

If so, I would suggest to remove the display name from groups. As it is its usage is misleading, being displayName is a well-defined attribute in many LDAP implementations, and it's not expected to be the same thing of the common name.

<!-- gh-comment-id:2844824099 --> @Wrong-Code commented on GitHub (May 1, 2025): If so, I would suggest to remove the display name from groups. As it is its usage is misleading, being displayName is a well-defined attribute in many LDAP implementations, and it's not expected to be the same thing of the common name.

kerem commented 2026-02-27 08:17:10 +03:00

Author

Owner

Copy link

@nitnelave commented on GitHub (May 1, 2025):

I know that I'm departing from convention; but LLDAP does not aim to be a conventional LDAP server, and it is aimed primarily at people who are not very familiar with LDAP or other LDAP servers.

I feel like this is a good default situation, though it could be more clearly communicated. Thankfully, we have ongoing work to clarify the attributes and more specifically the aliases, so it will be clearer that display name, cn and uid are the same thing for groups.

<!-- gh-comment-id:2844847309 --> @nitnelave commented on GitHub (May 1, 2025): I know that I'm departing from convention; but LLDAP does not aim to be a conventional LDAP server, and it is aimed primarily at people who are not very familiar with LDAP or other LDAP servers. I feel like this is a good default situation, though it could be more clearly communicated. Thankfully, we have ongoing work to clarify the attributes and more specifically the aliases, so it will be clearer that display name, cn and uid are the same thing for groups.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

dependabot/github_actions/codecov/codecov-action-6

copilot/fix-equality-filters-list-attributes

dependabot/github_actions/docker/build-push-action-7

dependabot/github_actions/docker/metadata-action-6

dependabot/github_actions/docker/setup-buildx-action-4

dependabot/github_actions/docker/login-action-4

copilot/update-download-artifact-action

copilot/fix-opensuse-warnings

copilot/fix-1268

copilot/fix-727

copilot/fix-898

copilot/fix-1256

copilot/fix-1251

copilot/fix-1249

copilot/fix-1206

user-attribute-form

user-ui

group-ui

server-user-attribute-schema

crates

haveibeenpwned

v0.6.2

v0.6.1

v0.6.0

v0.5.0

v0.4.3

v0.4.2

v0.4.1

v0.4.0

v0.3.0

v0.2.0

v0.0.1

Labels

Clear labels   

backend

  

blocked

  

bug

  

cleanup

  

dependencies

  

docker

  

documentation

  

duplicate

  

enhancement

  

enhancement

  

frontend

  

github_actions

  

good first issue

  

help wanted

  

help wanted

  

integration

  

invalid

  

ldap

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

rust

  

rust

  

tests

  

wontfix

No labels

backend

blocked

bug

cleanup

dependencies

docker

documentation

duplicate

enhancement

enhancement

frontend

github_actions

good first issue

help wanted

help wanted

integration

invalid

ldap

pull-request

question

rust

rust

tests

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/lldap-lldap#415

No description provided.