User ids are intentionally matched case insensitively. This issue demonstrates a case where they are not.
Setup Nexus to connect to an LDAP realm which contains a user record which has a userid of lowercase testuser1. Verify that you can authenticate as that user id.
Create a new role in nexus called custom_role.
Create a script to map roles to users like this and put in an Execute Script task:
Execute the script. The script creates a record in the Nexus security database similar to this:
One can authenticate the userid as testuser1 or TESTUSER1. However when the user record is found in the Users list in nexus, there will be no roles shown in the Active role list and after signin, the user will not have the permissions granted by the custom_role either.
Conversely if the user mapping is created using the Nexus UI, the userid is stored in Nexus with the lettercase matching that as stored in the LDAP server. In that case, when the custom_role is mapped to the user, there is no problem reading back its active roles.
Since userids are to be authenticated case insensitively, a users roles should also be looked up by userid from the Nexus database case insensitively.
Since it is also possible that NXRM has allowed multiple user role mappings to the same userid ( but with different lettercase ), there should be a way for an admin to reconcile these duplicate userids either by way of running a script or from an upgrade step.