From 014b34acc69175916d62bf4b4943136b1d052b66 Mon Sep 17 00:00:00 2001
From: piernov
Date: Sat, 15 May 2021 16:44:46 +0200
Subject: [PATCH 1/2] Fix default gid 65534 for User in LDAP posixAccount objectclass (intended to be used with the uid/gid/homedir fields) requires a gid. Always set a gid in LDAP for the User class even if the user does not belong to any group. By default 65534 which corresponds to the nobody group on major distributions (incl. Debian).
---
 htdocs/user/class/user.class.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php
index 89995a4584e..6c0645e82b7 100644
--- a/htdocs/user/class/user.class.php
+++ b/htdocs/user/class/user.class.php
@@ -2678,10 +2678,10 @@ class User extends CommonObject
 }
 if (!empty($conf->global->LDAP_FIELD_USERID))$info[$conf->global->LDAP_FIELD_USERID] = $this->id;
- if (!empty($info[$conf->global->LDAP_FIELD_GROUPID])) {
+ if (!empty($conf->global->LDAP_FIELD_GROUPID)) {
 $usergroup = new UserGroup($this->db);
 $groupslist = $usergroup->listGroupsForUser($this->id);
- $info[$conf->global->LDAP_FIELD_GROUPID] = '1';
+ $info[$conf->global->LDAP_FIELD_GROUPID] = '65534';
 if (!empty($groupslist)) {
 foreach ($groupslist as $groupforuser) {
 $info[$conf->global->LDAP_FIELD_GROUPID] = $groupforuser->id; //Select first group in list
From beff175de130c3ff3ac736c8ed89d0346df568a9 Mon Sep 17 00:00:00 2001
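Review bot: The value written to the group-id attribute is either the hard-coded `'65534'` or `$groupforuser->id`, which appears to be the Dolibarr group row id rather than a POSIX gid, and with the corrected condition this block now runs for every exported user. If hosts resolve accounts from this directory (NSS/PAM), a small row id can coincide with a local system group, so a user's primary group could carry file or privilege access nobody intended; the fallback is also distribution-specific, since `nobody` is not gid 65534 everywhere. At minimum I would add a comment above the assignment such as `// NOTE: gidNumber is the Dolibarr group id, not a system gid; low ids may collide with host system groups`, and preferably map ids through a configurable base or fallback instead of literals. The enclosing method and the foreach body continue outside the hunk.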
From: piernov
Date: Sat, 15 May 2021 16:48:43 +0200
Subject: [PATCH 2/2] Fix use login for User homedir in LDAP posixAccount objectclass (intended to be used with the uid/gid/homedir fields) requires a homedir. Always set a homedir in LDAP for the User class even if user does not have a firstname by using the login instead. Additionally on Linux the login is typically used for the home directory rather than the first name. It also avoids having accentuated or other special characters (commonly found in names) in the home directory path.
---
 htdocs/user/class/user.class.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php
index 6c0645e82b7..2d5a09659db 100644
--- a/htdocs/user/class/user.class.php
+++ b/htdocs/user/class/user.class.php
@@ -2689,7 +2689,7 @@ class User extends CommonObject
 }
 }
 }
- if (!empty($this->firstname) && !empty($conf->global->LDAP_FIELD_HOMEDIRECTORY) && !empty($conf->global->LDAP_FIELD_HOMEDIRECTORYPREFIX)) $info[$conf->global->LDAP_FIELD_HOMEDIRECTORY] = "{$conf->global->LDAP_FIELD_HOMEDIRECTORYPREFIX}/$this->firstname";
+ if (!empty($conf->global->LDAP_FIELD_HOMEDIRECTORY) && !empty($conf->global->LDAP_FIELD_HOMEDIRECTORYPREFIX)) $info[$conf->global->LDAP_FIELD_HOMEDIRECTORY] = "{$conf->global->LDAP_FIELD_HOMEDIRECTORYPREFIX}/$this->login";
 return $info;
 }
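Review bot: `$this->login` is interpolated into the home-directory value with no check on the new line, so an empty login yields the bare prefix and a login containing `/` or `..` yields a path outside it. Whether the login is constrained elsewhere is not visible in this hunk; if hosts create or mount home directories from this attribute (for example via pam_mkhomedir), the value should be validated at the point where the path is built. I would add `!empty($this->login) && preg_match('/^[a-z_][a-z0-9_.-]*$/i', $this->login)` to the condition and leave the attribute unset otherwise, adjusting the pattern if the installation permits other login forms. The enclosing method starts outside the hunk.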