Bug ID 565167: Additional garbage data being logged on user name and domain name for NTLM authentication

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
11.4.1, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.10, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.5.4 HF2, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4

Fixed In:
12.1.0, 11.5.4 HF3

Opened: Dec 30, 2015
Severity: 3-Major

Symptoms

ECA logs an error message in this format: Could not verify user (<Domain Name>\<User Name>) credential (<Reason>) Example: Could not verify user (mv4\test1) credential (STATUS_NO_LOGON_SERVERS) However, due to missing NUL termination, the user name and domain name may include garbage data such as follwing example: Could not verify user (mv413abfee\test1ewq12dsasd) credential (STATUS_NO_LOGON_SERVERS)

Impact

BIG-IP could not send the verification to ActiveDirectory server for any reasons such as down ActiveDirectory server, incorrect machine account information between BIG-IP, and ActiveDirectory server, etc.

Conditions

When NTLM front end authentication could not send the verification of the user's credential (e.g. ActiveDirectory server is down)

Workaround

No workaround

Fix Information

Now it properly logs the message with correct domain name and user name.

Behavior Change