Bug ID 759654: LDAP remote authentication with remote roles and user-template failing

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
14.1.0,,,,,, 14.1.2,,, 15.0.0, 15.0.1,,,

Fixed In:

Opened: Feb 26, 2019
Severity: 3-Major


The directory server that performs authentication requests refuses a query for authorization (user attributes), which prevents the BIG-IP user from logging on with remote authentication. BAD_NAME errors are usually present in LDAP communication.


The query request sent to the directory server is refused because the password is not included in the request, and the server does not accept an anonymous bind request. The refused request prevents a lookup of the user account attributes on the directory server. As a result, the BIG-IP user cannot logon.


-- Configure LDAP remote authentication with remote roles and a user template. -- As a remote user, attempt to logon.


Remove user-template. bind-dn must be used to authenticate against LDAP server.

Fix Information


Behavior Change