Hi
We are running NAV with LDAP-authentication against MS ActiveDirectory.
This were working fine for a while, but then the issue with case sensitive usernames appeared (Bug#1207722) The fix seems to have broken LDAP authentication with AD completely.
As we are a small group of nav-users here, it took a while (and a passwordchange) to discover this.
What happens now is that authentication works (for existing users) as long as the user doesn't change his password. Any new passwords will not work (as the LDAP-query against AD keeps failing), BUT the old (cached?) password still works(!)
I don't know if this is by design... But it seems a little flawed to me.
Since the addition of ":caseExactMatch:" doesn't work with AD, a better solution to Bug#1207722 would be to have NAV check the output of the LDAP-query to get the actual username (with correct casing) and use this to create the user in the database instead of the actual userinput.
Steinar Otto Sjøholt Aalesund University College