Symptom
LDAP bind request contains extra backslash characters. Example:
2019 Dec 3 15:31:09.327801 ldap: ldap_escape_special_characters Before escaping : uid=Administrator,CN=Users,DC=lab,DC=local
2019 Dec 3 15:31:09.327808 ldap: ldap_escape_special_characters: After escaping : uid\=Administrator,CN=Users,DC=lab,DC=local
The bind will later fail with:
2019 Dec 3 15:31:09.342327 ldap: ldap_handle_bind_rsp: (user bzick) - bind for root failed - error Invalid credentials
OR
2019 Dec 3 15:31:09.342327 ldap: ldap_handle_bind_rsp: (user bzick) - bind for root failed - error No such object
depending on the LDAP server in use (AD vs. OpenLDAP, respectively).
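A way to check a saved debug capture for this signature, as an added example that is not part of the original bug report or vendor code: it pairs each "Before escaping" / "After escaping" line, flags DNs whose only change is a backslash inserted before "=", and attaches the bind error that follows. The function name, regexes and dictionary layout are assumptions built from the log lines quoted above.

```python
import re

# Constructed sample input: the debug lines quoted in this report.
SAMPLE_LOG = """\
2019 Dec 3 15:31:09.327801 ldap: ldap_escape_special_characters Before escaping : uid=Administrator,CN=Users,DC=lab,DC=local
2019 Dec 3 15:31:09.327808 ldap: ldap_escape_special_characters: After escaping : uid\\=Administrator,CN=Users,DC=lab,DC=local
2019 Dec 3 15:31:09.342327 ldap: ldap_handle_bind_rsp: (user bzick) - bind for root failed - error Invalid credentials
"""

# Patterns assumed from the message shapes shown above (the colon after the
# function name is optional because the two quoted lines differ on it).
ESCAPE_RE = re.compile(r"ldap_escape_special_characters:? (Before|After) escaping : (.*)$")
BIND_FAIL_RE = re.compile(r"ldap_handle_bind_rsp: .* bind for root failed - error (.+)$")


def find_mangled_binds(log_text):
    """Return one dict per DN whose '=' was escaped, plus the bind error that followed (or None)."""
    findings, before, current = [], None, None
    for line in log_text.splitlines():
        m = ESCAPE_RE.search(line)
        if m:
            kind, dn = m.group(1), m.group(2).strip()
            if kind == "Before":
                before, current = dn, None
            elif before is not None:
                # Signature of this defect: undoing "\=" restores the original DN,
                # so the attribute/value separator itself was escaped.
                if dn != before and dn.replace("\\=", "=") == before:
                    current = {"before": before, "after": dn, "bind_error": None}
                    findings.append(current)
                before = None
            continue
        m = BIND_FAIL_RE.search(line)
        if m and current is not None:
            # Attach the first root bind failure seen after the mangled DN.
            current["bind_error"] = m.group(1).strip()
            current = None
    return findings


if __name__ == "__main__":
    for f in find_mangled_binds(SAMPLE_LOG):
        print(f"{f['before']!r} sent as {f['after']!r}: {f['bind_error']}")
```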
Conditions
The rootDN in the configuration contains the string "uid=". Example:
ldap-server host 192.168.1.4 rootDN "uid=Administrator,CN=Users,DC=lab,DC=local" password cisco timeout 60
Workaround
Use a rootDN with CN= instead of uid=. Example:
ldap-server host 192.168.1.4 rootDN "CN=Administrator,CN=Users,DC=lab,DC=local" password cisco timeout 60
Further Problem Description