Bug #6791
Closed
Upgrade 2.2.6 > 2.3.2 had broken LDAP authentication
Description
Hi,
I just want to declare the following bug that we discovered:
We upgraded one of our test firewalls from version 2.2.6 to 2.3.2. Prior to the upgrade, we configured LDAP authentication by creating a new SERVER in USER MANAGER > AUTHENTICATION SERVER. Before the upgrade this was working fine: users were able to connect, edit and make changes.
Now, after the upgrade, LDAP (Active Directory) users can still connect based on their Active Directory group membership. However, when you try to edit the configuration and then click on SAVE, the page gets refreshed and the changes are not applied. The issue is not present with the local admin user.
The only solution we found was to DROP the LDAP server in the SERVER TAB and recreate it. This fixed the issue.
Finally, if I go to DIAGNOSTIC > AUTHENTICATION, I'm getting the error in the attached image. However, if I go to USER MANAGER > AUTHENTICATION SERVER > select a container, all my OU objects are listed. Also note that the password appears in clear text on the webpage....
************
Thanks guys for your assistance and for maintaining this great project
Michel de CREVOISIER
https://fr.linkedin.com/in/mdecrevoisier
Updated by Jim Pingle over 7 years ago
- Status changed from New to Rejected
- Target version deleted (2.3.2-p1)
- Affected Version deleted (2.3.x)
The bind credentials field is covered by #6759 and has already been fixed in the repository.
If your LDAP users can't make changes then your local group must have the "Deny Config Write" privilege, which was not properly respected in the past but was fixed on 2.3.x. Remove that from the group and they should then be able to make changes.
If you have other issues beyond that, please discuss them on the forum or the mailing list first until a specific bug is identified, and then you can make a ticket with the details for a single issue per ticket.
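
Added example, not part of the ticket or of pfSense's own code: a pre-upgrade check that lists which local groups carry the "Deny Config Write" privilege, so LDAP users mapped to them are not surprised when it starts being enforced. It assumes the privilege is stored in `config.xml` as `user-config-readonly` under `system/group/priv`; the XML excerpt and group names are constructed.

```python
import xml.etree.ElementTree as ET

# Assumption: identifier pfSense stores for the "Deny Config Write" privilege.
DENY_CONFIG_WRITE = "user-config-readonly"

# Constructed config.xml excerpt (not taken from the ticket).
SAMPLE_CONFIG = """<pfsense>
  <system>
    <group>
      <name>admins</name>
      <scope>system</scope>
      <priv>page-all</priv>
    </group>
    <group>
      <name>FW-Operators</name>
      <scope>remote</scope>
      <priv>page-all</priv>
      <priv>user-config-readonly</priv>
    </group>
    <group>
      <name>FW-Auditors</name>
      <scope>remote</scope>
      <priv>page-dashboard-all</priv>
    </group>
  </system>
</pfsense>"""


def groups_denying_config_write(config_xml):
    """Return names of local groups whose privileges include Deny Config Write."""
    root = ET.fromstring(config_xml)
    flagged = []
    for group in root.findall("./system/group"):
        privs = {(p.text or "").strip() for p in group.findall("priv")}
        if DENY_CONFIG_WRITE in privs:
            flagged.append((group.findtext("name") or "").strip())
    return flagged


def can_write_config(config_xml, member_of):
    """True if none of the groups a user maps to carries Deny Config Write."""
    denied = set(groups_denying_config_write(config_xml))
    return not (denied & set(member_of))


if __name__ == "__main__":
    for name in groups_denying_config_write(SAMPLE_CONFIG):
        print(f"{name}: members cannot save configuration changes")
```

Run it against a backup copy of the configuration before upgrading from a release where the privilege was not enforced.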