Bug ID 567105: LDAP attributes not fetched for Remote Role Group matching

Last Modified: Oct 03, 2023

Affected Product(s):
BIG-IP All(all modules)

Known Affected Versions:
12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2

Fixed In:

Opened: Jan 12, 2016

Severity: 3-Major

Related Article: K40128010


Remote role group matching does not function when used with LDAP authentication. Inspection of traffic to the LDAP server shows that attributes needed for matching are not fetched.


Remote Role Group matching does not work as expected, specifically, less specific groups may match, or nothing may match, and the default remote role will be used.


When using remote auth with LDAP, Cert-LDAP, or Active Directory, with a remote role group using the 'memberOf' attribute or other LDAP attributes.



Fix Information

LDAP attributes are now correctly fetched for Remote Role Group matching.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips