Security

Hi Gays,

I got an error when configuring Ldap authentication on a mobility Controller (V8), space is not supported on a OU name in the base-dn.

I tried to escape the space with different caracters (",\,%20) but it did't work. 

Could you please help me to find a solution for my issue ?

Best regards

It has been a while last time that I have seen LDAP authentication being used from a controller. I see RADIUS or TACACS being used instead for both admin and user authentications. Also, LDAP is incompatible with most wireless authentication schemes. For that reason, it is not really recommended, nor common to use LDAP from the controller.

If you really need LDAP authentication, I would open a TAC support case to get it investigated.

Hi Herman,

Thank you, i know it's not recommended, but in my case I realy need to setup LDAP auth with captive portal for one of my customers. without spaces in unity organisations names, it operate prety well, my only problem is how to escape this spaces in the base-dn.

Best regards

Ok, can you please report this to Aruba TAC as I'd believe this needs to be fixed in future versions.

As a workaround, I just tried in my lab and it looks that if you use the CLI to make the change, it does work. After the change the base-dn shows up with space in the UI as well:

(MM) [ArubaLAB] (config) #aaa authentication-server ldap "ldap-test"
(MM) [ArubaLAB] (LDAP Server "ldap-test") #base-dn "dc=user group,dc=test,dc=loc"
(MM) ^[ArubaLAB] (LDAP Server "ldap-test") #write mem

Saving Configuration...

Configuration Saved.

Use the "double-quotes" to prevent the command to break on the space.