Bug ID 565167: Additional garbage data being logged on user name and domain name for NTLM authentication

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
11.4.1, 11.6.0, 11.6.1, 11.6.2, 11.6.3,,,,, 11.6.4, 11.6.5,,,, 12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2

Fixed In:
12.1.0, 11.5.4 HF3

Opened: Dec 30, 2015

Severity: 3-Major


ECA logs an error message in this format: Could not verify user (<Domain Name>\<User Name>) credential (<Reason>) Example: Could not verify user (mv4\test1) credential (STATUS_NO_LOGON_SERVERS) However, due to missing NUL termination, the user name and domain name may include garbage data such as follwing example: Could not verify user (mv413abfee\test1ewq12dsasd) credential (STATUS_NO_LOGON_SERVERS)


BIG-IP could not send the verification to ActiveDirectory server for any reasons such as down ActiveDirectory server, incorrect machine account information between BIG-IP, and ActiveDirectory server, etc.


When NTLM front end authentication could not send the verification of the user's credential (e.g. ActiveDirectory server is down)


No workaround

Fix Information

Now it properly logs the message with correct domain name and user name.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips