Bug ID 899069: Deployment of an access policy with LDAP Group agent with a double quote

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IQ Access(all modules)

Known Affected Versions:
7.1.0,,,, 7.1.6,, 7.1.7,,, 7.1.8,,,,,, 7.1.9,,,

Opened: Apr 14, 2020

Severity: 3-Major


Access Policies with LDAP Group Agents fail to deploy with the following error: Transaction XXXXX on BIG-IP X.X.X.X failed after 0 seconds: "CN=XXXX," unknown property.


Policies with this VPE agent in them fail to deploy initially.


The policy contains the LDAP Group Agent with the expression which contains a double quote in it.


From BIG-IQ, open the policy and edit the LDAP Group agent. Go to Branch Rules and correct the expression under the 'Advanced' tab by inserting backslash '\' before double-quote, for example: If the deployment fails on: "CN=USERS," unknown property Change it to: \"CN=USERS,\"

Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips