Unhandled user and group name conflict within Samba AD

[stephdl]

When using Samba AD, it is not possible to have the same name for both a user and a group. If a user or a group with the same name already exists, attempting to create the other results in an error in the UI.

Steps to reproduce

• install a SAMBA AD account provider
• create a group with the name foo
• create a user with the name foo, save -> we have an error in the UI
• create a user with the name john
• create a group with the name john, save -> we have an error in the UI

Expected behavior

The UI should validate whether a username or group name is already in use before saving, preventing the user from submitting an invalid request. Instead of triggering an error after submission, the UI should provide a clear message indicating that the name is already taken and that a different name must be chosen.

Actual behavior

The UI triggers an error but does not guide the user to understand the issue properly.

/usr/lib/python3.12/getpass.py:91: GetPassWarning: Can not control echo on the terminal.
  passwd = fallback_getpass(prompt, stream)
Warning: Password input may be echoed.
New Password: 
Warning: Password input may be echoed.
Retype Password: 
ERROR(ldb): Failed to add user 'toto':  - Entry CN=toto,CN=Users,DC=ad,DC=rocky9-pve4,DC=org already exists
Traceback (most recent call last):
  File "/home/samba1/.config/actions/add-user/50add_user", line 45, in <module>
    subprocess.run(adduser_cmd, input=inputdata, stdout=sys.stderr, check=True, text=True)
  File "/usr/lib64/python3.11/subprocess.py", line 571, in run
    raise CalledProcessError(retcode, process.args,
subprocess.CalledProcessError: Command '['podman', 'exec', '-i', 'samba-dc', 'samba-tool', 'user', 'create', 'toto']' returned non-zero exit status 255.


ERROR(ldb): Failed to add group "tata" - Entry CN=tata,CN=Users,DC=ad,DC=rocky9-pve4,DC=org already exists
Traceback (most recent call last):
  File "/home/samba1/.config/actions/add-group/50add_group", line 42, in <module>
    subprocess.run(addgroup_cmd, stdout=sys.stderr, check=True, text=True)
  File "/usr/lib64/python3.11/subprocess.py", line 571, in run
    raise CalledProcessError(retcode, process.args,
subprocess.CalledProcessError: Command '['podman', 'exec', 'samba-dc', 'samba-tool', 'group', 'add', 'tata', '--description=tata']' returned non-zero exit status 255.

Components

https://github.com/NethServer/ns8-samba/releases/tag/2.3.1

See also

https://mattermost.nethesis.it/nethesis/pl/skrgatmmf7yjffjcrpt6azmdfc

[stephdl]

version to test
ghcr.io/nethserver/core: 3.5.0-dev.4
ghcr.io/nethserver/samba:2.3.2-dev.2

test the bug is not reproducible

• install the samba AD account provider
• create a user foo, then try to create a group foo, you must have a validation in the UI
• create a group john, then try to create a user john, you must have a validation in the UI