Bug ID 899069: Deployment of an access policy with LDAP Group agent fails

Last Modified: Jul 22, 2020

Bug Tracker

Affected Product:  See more info
BIG-IQ Access(all modules)

Known Affected Versions:
7.1.0

Opened: Apr 14, 2020
Severity: 3-Major

Symptoms

Access Policies with LDAP Group Agents fail to deploy, and will display the following error: Transaction XXXXX on BIG-IP X.X.X.X failed after 0 seconds: "CN=XXXX," unknown property.

Impact

Policies with this VPE agent in them fail to deploy initially.

Conditions

The policy contains the LDAP Group Agent with the expression which contains a double-quote in it.

Workaround

On BIG-IQ, open the policy and edit the LDAP Group agent. Go to Branch Rules and correct the expression under the 'Advanced' tab by inserting backslash '\' before double-quote, for example: If the deployment fails on: "CN=USERS," unknown property Change it to: \"CN=USERS,\"

Fix Information

None

Behavior Change