Description of problem: It looks like 'ovirt-engine-extension-aaa-ldap-setup' does not escape special characters in the search user's password when generating the profile properties file. In the setup process, the user enters the 'dn' and the password of the search user. Then the setup script tries to perform a simple bind which is successful and the setup process continues. At the end of the process, the user is asked to test the authentication. In this test, the setup process has generated the profile file already and tries the authentication by using the extensions tool but it fails because the password of the search user in the profile file is wrong as it hasn't escaped the special characters in the properties file. Version-Release number of selected component (if applicable): ovirt-engine-extension-aaa-ldap-setup-1.3.8-1.el7ev.noarch How reproducible: Always Steps to Reproduce: 1. Run ovirt-engine-extension-aaa-ldap-setup and configure it with a search user who has a password containing '\' special character 2. In the final step try the login of another user. Actual results: The authentication fails Expected results: The authentication succeeds
sync2jira
Verified on ovirt-engine-extension-aaa-ldap-1.4.2-1.el8ev.noarch
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Low: Red Hat Virtualization security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:5179