Invalid credentials error with passwords containing special character

[Kenny-54]

Hi !

Describe the bug Unable to bind on Linux platform if password contains characters from extended ASCII table (eg. £ € §).

Same code with same password works well on Windows. Works well too with ldapsearch command line.

To Reproduce Attempt to bind (simply for credential verification) with :

cn.Bind(LdapAuthType.Digest, new LdapCredential
{
    UserName = "username",
    Password = "password"
});

Failed with :

Invalid credentials. 8009030C: LdapErr: DSID-0C090590, comment: AcceptSecurityContext error, data 52e, v2580. Result: 49. Method: BindSasl

Tried with LdapAuthType.Simple too (LDAP or LDAPS) ==> same error

Expected behavior Calling bind method not raising exception

Desktop (please complete the following information):

• OS: Debian 11
• Library version 2.7.13
• .NET core 6.0
• LDAP server : Active Directory

Thanks for your help !

[alexavator]

Hi

Does your code works well on Debian with simple password, without characters from extended ASCII table?

I guess I faced with the same problem, but the problem was not on password but on username. On windows you have to use username@domain, but on Linux you have to use just username. It works for me at Ubuntu 18.04

[Kenny-54]

Hi

Yes, my code works well on Debian with simple password. I tried with username@domain and just username, results are the same. On Windows, it always works as expected.

Just for testing, I tried with a simple NodeJs script with ActiveDirectory package and it works well even with characters from extended ASCII table. But I have to make it in dotnet.

For now, we are going to use a windows server instead of Linux, only for that issue. I still hope to find a solution and made it work on Linux.

[flamencist]

Hello! The ldap4net based on openldap solution. Please test with ldap-utils before using library

[Kenny-54]

Hello !

With ldapsearch command, it works well, even with a password with a characters from extended ASCII table.