Bug ID 757519: Unable to logon using LDAP authentication with a user-template

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP TMOS (all modules)

Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3

Fixed In:
15.1.0, 15.0.1.4, 14.1.2.3

Opened: Feb 04, 2019

Severity: 3-Major

Related Article: K92525101

Symptoms

Cannot log on using remote LDAP authentication. This occurs because LDAP with user-template configured uses the user-template value as the distinguished name (DN) for the LDAP search instead of a properly formed X.500 name, for example: cn=xxx,ou=xxx,dc=example,dc=org

Impact

Remote LDAP authentication users are unable to log in. Note: The user-template value is not a valid DN.

Conditions

-- LDAP authentication configuration includes the user-template value as the DN.
-- Attempt to log on.

Workaround

You can use either of the following workarounds:
-- Create a specific user for bind by configuring bind-dn and bind-pw, and remove user-template.
-- Switch to local authentication.
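
A triage helper for the conditions and workaround above, added here as an example and not F5 code: it compares a version against the Fixed In release of its branch and checks an LDAP auth stanza for user-template. The stanza text, its "key value" layout, the treatment of `none` as unset and all function names are assumptions; branches other than 14.1 and 15.0 are reported as not listed.

```python
import re

# Fixed release per affected branch, taken from the "Fixed In" field above.
FIXED_IN = {(14, 1): (14, 1, 2, 3), (15, 0): (15, 0, 1, 4)}

# Constructed sample stanzas (assumed "key value" layout, not from a real device).
BEFORE = """auth ldap system-auth {
    search-base-dn dc=example,dc=org
    servers { ldap.example.org }
    user-template uid=%s,ou=people,dc=example,dc=org
}"""
AFTER = """auth ldap system-auth {
    bind-dn cn=svc-bind,ou=services,dc=example,dc=org
    bind-pw PLACEHOLDER
    search-base-dn dc=example,dc=org
    servers { ldap.example.org }
}"""

def parse_version(text):
    """'14.1.2.1' -> (14, 1, 2, 1); shorter versions are zero-padded."""
    parts = [int(p) for p in text.strip().split(".")]
    return tuple(parts + [0] * (4 - len(parts)))

def version_affected(version):
    """True if the release is on a listed branch and older than its fix."""
    v = parse_version(version)
    fixed = FIXED_IN.get(v[:2])
    return fixed is not None and v < fixed

def parse_stanza(text):
    """Collect the indented 'key value' lines of a stanza into a dict."""
    settings = {}
    for line in text.splitlines():
        m = re.match(r"\s+([a-z][a-z-]*)\s+(\S.*?)\s*$", line)
        if m:
            settings[m.group(1)] = m.group(2)
    return settings

def triage(version, stanza):
    """Classify one device against the Conditions of bug 757519."""
    cfg = parse_stanza(stanza)
    if not version_affected(version):
        return "version-not-listed"
    if cfg.get("user-template", "none") != "none":
        return "exposed: remove user-template, set bind-dn and bind-pw"
    if "bind-dn" in cfg and "bind-pw" in cfg:
        return "workaround-in-place"
    return "no-user-template"

if __name__ == "__main__":
    for ver, cfg in [("14.1.2.2", BEFORE), ("14.1.2.2", AFTER), ("15.1.0", BEFORE)]:
        print(ver, "->", triage(ver, cfg))
```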

Fix Information

None

Behavior Change
