Bug ID 899069: Deployment of an access policy with LDAP Group agent with a double quote

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IQ Access(all modules)

Known Affected Versions:
7.1.0, 7.1.0.1, 7.1.0.2, 7.1.0.3, 7.1.6, 7.1.6.1, 7.1.7, 7.1.7.1, 7.1.7.2, 7.1.8, 7.1.8.1, 7.1.8.2, 7.1.8.3, 7.1.8.4, 7.1.8.5, 7.1.9, 7.1.9.7, 7.1.9.8, 7.1.9.9

Opened: Apr 14, 2020
Severity: 3-Major

Symptoms

Access Policies with LDAP Group Agents fail to deploy with the following error: Transaction XXXXX on BIG-IP X.X.X.X failed after 0 seconds: "CN=XXXX," unknown property.

Impact

Policies with this VPE agent in them fail to deploy initially.

Conditions

The policy contains the LDAP Group Agent with the expression which contains a double quote in it.

Workaround

From BIG-IQ, open the policy and edit the LDAP Group agent. Go to Branch Rules and correct the expression under the 'Advanced' tab by inserting backslash '\' before double-quote, for example: If the deployment fails on: "CN=USERS," unknown property Change it to: \"CN=USERS,\"

Fix Information

None

Behavior Change