LDAP authentication fails on passwords with ">" character

Report bugs and workarounds
Post Reply
dbrunt
Posts: 64
Joined: 28 Nov 2015 00:09

LDAP authentication fails on passwords with ">" character

Post by dbrunt » 22 Jul 2016 22:15

There seems to be an issue with LDAP authentication when the user's password contains special characters. The one I have diagnosed thus far contained the greater than character ">". LDAP authentication would report bad username or password. Changed Windows password and removed the ">" character and LDAP then succeeded.

Can this be fixed?

EFA version 3.0.1.0

dbrunt
Posts: 64
Joined: 28 Nov 2015 00:09

Re: LDAP authentication fails on passwords with ">" character

Post by dbrunt » 25 Jul 2016 21:27

There is also an issue if you use a ">" character in passwords for users in the internal database.

Ampersand (&) is another which won't authenticate via LDAP...

User avatar
shawniverson
Posts: 3005
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: LDAP authentication fails on passwords with ">" character

Post by shawniverson » 03 Aug 2016 22:37

Version eFa 4.0.2 now available!

dbrunt
Posts: 64
Joined: 28 Nov 2015 00:09

Re: LDAP authentication fails on passwords with ">" character

Post by dbrunt » 25 Oct 2016 22:29

I've just fixed the problem.

In the ldap_authenticate function in /var/www/html/mailscanner/functions .php change

Code: Select all

if (ldap_bind($ds, $user, "$password")) {
to

Code: Select all

if (ldap_bind($ds, $user, html_entity_decode($password))) {
Is this a MailWatch bug?

Post Reply