Page 1 of 1
LDAP authentication fails on passwords with ">" character
Posted: 22 Jul 2016 22:15
by dbrunt
There seems to be an issue with LDAP authentication when the user's password contains special characters. The one I have diagnosed thus far contained the greater than character ">". LDAP authentication would report bad username or password. Changed Windows password and removed the ">" character and LDAP then succeeded.
Can this be fixed?
EFA version 3.0.1.0
Re: LDAP authentication fails on passwords with ">" character
Posted: 25 Jul 2016 21:27
by dbrunt
There is also an issue if you use a ">" character in passwords for users in the internal database.
Ampersand (&) is another which won't authenticate via LDAP...
Re: LDAP authentication fails on passwords with ">" character
Posted: 03 Aug 2016 22:37
by shawniverson
Re: LDAP authentication fails on passwords with ">" character
Posted: 25 Oct 2016 22:29
by dbrunt
I've just fixed the problem.
In the ldap_authenticate function in /var/www/html/mailscanner/functions .php change
Code: Select all
if (ldap_bind($ds, $user, "$password")) {
to
Code: Select all
if (ldap_bind($ds, $user, html_entity_decode($password))) {
Is this a MailWatch bug?