api/users: catch existing user also on case insensitive realm

[pve-access-control.git] / PVE / API2 / User.pm

diff --git a/PVE/API2/User.pm b/PVE/API2/User.pm
index f282a1c1793d4a6a30466ec9be81b9f5a2592a17..05de57f37d4155078b30cfd646bb7457732a5940 100644 (file)
--- a/PVE/API2/User.pm
+++ b/PVE/API2/User.pm
@@ -234,8 +234,9 @@ __PACKAGE__->register_method ({
 
            my $usercfg = cfs_read_file("user.cfg");
 
-           die "user '$username' already exists\n"
-               if $usercfg->{users}->{$username};
+           # ensure "user exists" check works for case insensitive realms
+           $username = PVE::AccessControl::lookup_username($username, 1);
+           die "user '$username' already exists\n" if $usercfg->{users}->{$username};
 
            PVE::AccessControl::domain_set_password($realm, $ruid, $param->{password})
                if defined($param->{password});