Skip to content

[JENKINS-72732] ActiveDirectory authentication error with german umlaut in user DN #591

Open
Bug
Open
[JENKINS-72732] ActiveDirectory authentication error with german umlaut in user DN#591
Bug
Labels
component:ldap-pluginimported-jira-issuepriority:criticalresolution:unresolved
@jenkins-infra-bot

Description

@jenkins-infra-bot
jenkins-infra-bot
opened on Feb 19, 2024

Hi.

I am using Ldap plugin to authenticate to ActiveDirectory, and all users not having german umlaut like "ÄÖÜ" in their user-dn can login fine:

For example:
DN: CN=Franz Tester,OU=Users,DC=example,DC=com

sAMAccountName: tester201

( please see Picture1 too)

All users, with ÜÖÄ in its surname or lastname get an authentication error.

DN:: base64 encoded string

sAMAccountName: tester202

( please see Picture2 too)

I know, it is recommended not to use german umlaut in the DN, but my company has configured it like this, and i cannot change it.
I am not a developer, so i cannot help to fix this problem, but i hope someone is here to help me.
I have tested several configurations with different ldap queries and changed my password to something simple, but nothing works. So i have no further idea and think, it could be a problem with the plugin code to not decode the DN correctly, maybe.

Thank's in advance for your help!

Originally reported by jcb, imported from: ActiveDirectory authentication error with german umlaut in user DN
  • status: Open
  • priority: Critical
  • component(s): ldap-plugin
  • resolution: Unresolved
  • votes: 0
  • watchers: 1
  • imported: 2025-12-09
Raw content of original issue 
Hi.



I am using Ldap plugin to authenticate to ActiveDirectory, and all users not having german umlaut like "ÄÖÜ" in their user-dn can login fine:



For example:
DN: CN=Franz Tester,OU=Users,DC=example,DC=com



sAMAccountName: tester201



( please see Picture1 too)



All users, with ÜÖÄ in its surname or lastname get an authentication error.



DN:: base64 encoded string



sAMAccountName: tester202



( please see Picture2 too)



I know, it is recommended not to use german umlaut in the DN, but my company has configured it like this, and i cannot change it.
I am not a developer, so i cannot help to fix this problem, but i hope someone is here to help me.
I have tested several configurations with different ldap queries and changed my password to something simple, but nothing works. So i have no further idea and think, it could be a problem with the plugin code to not decode the DN correctly, maybe.



Thank's in advance for your help!
environment 
Openjdk-21<br/>
RHEL 9.3<br/>
Jenkins 2.426.3<br/>
LDAP plugin: latest
3 attachments

Metadata

Metadata

Assignees

No one assigned

    Labels

    component:ldap-pluginimported-jira-issuepriority:criticalresolution:unresolved

    Type

    Bug

    Fields

    No fields configured for Bug.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions