Bug ID 647114: LDAP login may fail with empty bindUser.

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IQ Platform(all modules)

Known Affected Versions:

Opened: Feb 23, 2017

Severity: 3-Major


LDAP Authentication fails. This will most likely occur after an upgrade where it was previously working.


Authentication requests from the auth provider will try to use the bindUser field to bind to the LDAP server. If the bindUser field is a blank string it will fail causing login attempts to fail.


The LDAP auth provider has an empty string or a string with all spaces such as "" or " " for the bindUser field. This is different than null. The LDAP server also does not allow anonymous binding.


Set the bindUser field to null.

Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips