Summary

Starting in Crowd 2.11, users who are duplicated in multiple directories should only be counted once if they are associated with the same application (as detailed in Crowd 2.11 release notes). However, if the duplicated usernames have different letter casing (e.g. "bob" vs "BOB"), then they will still be counted twice.

Steps to reproduce

1. Install an affected version of Crowd (this has been tested in 2.11.1 and 2.12.0)
2. Create two internal directories, DirectoryA and DirectoryB
3. Create a user in DirectoryA called "bob"
4. Create a user in DirectoryB called "BOB"
5. Create an application
6. Add DirectoryA and DirectoryB to the application, in that order, and set both to "Allow all groups to authenticate"
7. Go to Crowd Admin > Licensing, and recalculate user total

Expected behavior

Current user count should be "2" (default admin account + one instance of "bob")

Actual behavior

Current user count shows "3" (default admin account + "bob" + "BOB"). This is a bug because only "bob" from the top directory should be counted.

Other notes

Aside from double counting if both users are enabled, this can also cause problems if the top user is disabled but the bottom user is still enabled. In this scenario, Crowd will still count the bottom user against the license even though effectively the user cannot log in due to directory order and the top user taking precedence.

Workarounds

• Option 1: Rename usernames so that they match in terms of casing across directories. Note that this will not work properly if user comes from an external sources, e.g. LDAP
• Option 2: Adjust your directory configurations such that there are no duplicate usernames across directories