LDAP Server profile with PAN-OS 5.0.10

cancel
Showing results for 
Search instead for 
Did you mean: 

LDAP Server profile with PAN-OS 5.0.10

L0 Member

Hi!

I have upgraded our passive/active PA-500 cluster from 5.0.8 to 5.0.10

and stack with a problem, LDAP server profile Invalid credentials.

palo_syslog.png

Resetting password and even making brand new user for LDAP profile doesn't helped.

I've logged to console and run  

palo_con.png

palo_cmd_screen.png

Seems problem is in OU name what LDAP user belongs, it contains an Ä letter (Estonian).

Moving user to OU with BIND DN without ÄÖÜÕ or any other special character cleared the situation.

Saw the Question is it 5.0.10 BUG? Because It works from 5.0.1 till 5.0.8 without any problems.

2 REPLIES 2

L4 Transporter

Hello lastehaigla,

From the description we see that after an upgrade to 5.0.10 from 5.0.8 without any changes in configuration and ldap auth issues raised.

If the problem was narrowed down to a character Ä letter may be that is it. I have seen earlier where a special character or a symbol(like & in name) would have issues in parsing the data when extracted.

May be a case is needed to narrow down, confirm and resolve the issue.

Thanks

L5 Sessionator

similar discussion:-

https://live.paloaltonetworks.com/message/36328#36328

so as phoenix mentioned please open a case.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!