Bug ID 757519: Unable to login using LDAP authentication

Last Modified: Mar 21, 2019

Affected Product:
BIG-IP TMOS (all modules)

Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3

Opened: Feb 04, 2019
Severity: 3-Major

Symptoms

User is unable to log in using remote LDAP authentication. Capturing the LDAP traffic in version 14.1 shows:

    LDAPMessage searchRequest(2) "user@example.com" baseObject
        messageID: 2
        protocolOp: searchRequest (3)
            searchRequest
                baseObject: user@example.com
                scope: baseObject (0)
                derefAliases: neverDerefAliases (0)
                sizeLimit: 0
                timeLimit: 30
                typesOnly: False
                Filter: (objectClass=*)
                attributes: 0 items

versus v13.x, which is working:

    LDAPMessage searchRequest(3) "dc=ad,dc=pvt" wholeSubtree
        messageID: 3
        protocolOp: searchRequest (3)
            searchRequest
                baseObject: dc=ad,dc=pvt
                scope: wholeSubtree (2)
                derefAliases: neverDerefAliases (0)
                sizeLimit: 2
                timeLimit: 30
                typesOnly: False
                Filter: (sAMAccountName=username)
                attributes: 0 items

Impact

Remote LDAP authentication users are unable to log in.

Conditions

LDAP authentication configuration includes a user-template that is not a valid DN.
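
A check for this condition, as an added example (not F5 code): it expands a user-template the way a login would and tests whether the result is syntactically a DN. It assumes the template uses a `%s` username placeholder and applies a simplified RFC 4514 parse (no legacy quoted values); the sample templates are constructed.

```python
import re

# RFC 4514 attributeType: a short name (descr) or a dotted numeric OID.
ATTR_TYPE = re.compile(r"^(?:[A-Za-z][A-Za-z0-9-]*|\d+(?:\.\d+)*)$")

def split_unescaped(text, seps):
    """Split text on any character in seps that is not backslash-escaped."""
    parts, buf, i = [], [], 0
    while i < len(text):
        ch = text[i]
        if ch == "\\" and i + 1 < len(text):
            buf.append(text[i:i + 2])  # keep the escape pair together
            i += 2
            continue
        if ch in seps:
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(ch)
        i += 1
    parts.append("".join(buf))
    return parts

def is_valid_dn(dn):
    """Syntactic check: every RDN component must be attributeType=value."""
    if not dn.strip():
        return False  # the empty DN is the root DSE, never a user entry
    for ava in split_unescaped(dn, ",+"):
        attr, sep, value = ava.partition("=")
        # Whitespace around components is tolerated, as many servers do.
        if not sep or not ATTR_TYPE.match(attr.strip()) or not value.strip():
            return False
    return True

def template_yields_dn(user_template, username="username"):
    """Expand the (assumed) %s placeholder and test the resulting string."""
    return is_valid_dn(user_template.replace("%s", username))

# Constructed sample templates, not taken from any real configuration.
SAMPLES = ["%s@example.com", "uid=%s,ou=people,dc=ad,dc=pvt"]

if __name__ == "__main__":
    for tpl in SAMPLES:
        verdict = "valid DN" if template_yields_dn(tpl) else "NOT a valid DN"
        print(f"{tpl!r}: {verdict}")
```

A template reported as not a valid DN matches the condition described here, so the workarounds below apply before moving to an affected version.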

Workaround

You can use either of the following workarounds:

-- Create a specific user for bind by configuring bind-dn and bind-pw and remove user-template.
-- Switch to local authentication.

Fix Information

None

Behavior Change