From a1da6a897d6c04dcae6e313cce2da9f04c2ecb07 Mon Sep 17 00:00:00 2001
From: Roland Gruber <post@rolandgruber.de>
Date: Thu, 26 Sep 2019 18:40:16 +0200
Subject: [PATCH] fixed issue with group of names update

---
 lam/lib/modules.inc              | 1 +
 lam/lib/modules/posixAccount.inc | 6 ++++--
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/lam/lib/modules.inc b/lam/lib/modules.inc
index 3371a44c..1603d50d 100644
--- a/lam/lib/modules.inc
+++ b/lam/lib/modules.inc
@@ -2009,6 +2009,7 @@ class accountContainer {
 					if (!$success) {
 						logNewMessage(LOG_ERR, 'Unable to modify attributes of DN: ' . $DNs[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . '). '
 							. getExtendedLDAPErrorMessage($_SESSION['ldap']->server()));
+						logNewMessage(LOG_DEBUG, print_r($attributes[$DNs[$i]]['modify'], true));
 						$errors[] = array('ERROR', sprintf(_('Was unable to modify attributes of DN: %s.'), $DNs[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
 						$stopprocessing = true;
 					}
diff --git a/lam/lib/modules/posixAccount.inc b/lam/lib/modules/posixAccount.inc
index 50c25313..947382b3 100644
--- a/lam/lib/modules/posixAccount.inc
+++ b/lam/lib/modules/posixAccount.inc
@@ -815,7 +815,7 @@ class posixAccount extends baseModule implements passwordService {
 			$toAdd = array_values(array_diff($this->gonList, $this->gonList_orig));
 			$toRem = array_values(array_diff($this->gonList_orig, $this->gonList));
 			// update groups if DN changed
-			if (isset($accountContainer->dn_orig) && ($accountContainer->dn_orig != $accountContainer->finalDN)) {
+			if (isset($accountContainer->dn_orig) && (strtolower($accountContainer->dn_orig) != strtolower($accountContainer->finalDN))) {
 				// update owner/member/uniqueMember attributes
 				$searchAttrs = array('member', 'uniquemember', 'owner');
 				foreach ($searchAttrs as $searchAttr) {
@@ -831,10 +831,12 @@ class posixAccount extends baseModule implements passwordService {
 							}
 						}
 						if ($found) {
-							$success = @ldap_mod_replace($_SESSION['ldap']->server(), $ownerGroups[$i]['dn'], array($searchAttr => $newOwners));
+							$attributesToModify = array($searchAttr => $newOwners);
+							$success = @ldap_mod_replace($_SESSION['ldap']->server(), $ownerGroups[$i]['dn'], $attributesToModify);
 							if (!$success) {
 								$ldapError = getDefaultLDAPErrorString($_SESSION['ldap']->server());
 								logNewMessage(LOG_ERR, 'Unable to modify attributes of DN: ' . $ownerGroups[$i]['dn'] . ' (' . $ldapError . ').');
+								logNewMessage(LOG_DEBUG, print_r($attributesToModify, true));
 								$messages[] = array('ERROR', sprintf(_('Was unable to modify attributes of DN: %s.'), $ownerGroups[$i]['dn']), $ldapError);
 							}
 						}