Bug ID 872165: LDAP remote authentication for REST API calls may fail during authorization

Last Modified: Jan 20, 2023

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
14.1.0,,,,,, 14.1.2,,,,,,,,, 14.1.3,, 14.1.4,,,,,,, 14.1.5,,,, 15.0.0, 15.0.1,,,,, 15.1.0,,,,,, 15.1.1, 15.1.2,, 15.1.3,, 15.1.4,, 15.1.5,, 15.1.6,, 15.1.7, 15.1.8,, 16.0.0,, 16.0.1,,, 16.1.0, 16.1.1, 16.1.2,,, 16.1.3,,,

Opened: Jan 23, 2020
Severity: 3-Major


LDAP (or Active Directory) remote authentication fails during authorization for REST API calls. Clients receive 401 Unauthorized messages and /var/log/restjavad.x.log may report messages similar to the following: -- [I][1978][26 Mar 2021 13:23:36 UTC][8100/shared/authn/login AuthnWorker] User remoteuser failed to login from using the tmos authentication provider -- [WARNING][807][26 Mar 2021 14:43:24 UTC][RestOperationIdentifier] Failed to validate Authentication failed.


Unable to authenticate as remote-user for access that uses authorization, like REST API calls.


LDAP (or Active Directory) remote authentication configured with a User Template instead of a Bind Account.


You can use either of the following workarounds: -- Configure LDAP/AD remote authentication to utilize a Bind account instead of the User Template. -- Create a local user account for each remote user, allowing local authorization (authentication remains remote).

Fix Information


Behavior Change