Can't login using LDAP after password change

[RainyRat]

Hi,

We're using SugarCRM community edition 5.2.0f (Build 5688), and have the LDAP stuff set up so that users can log in with their AD credentials by contacting our DC (Server 2008).

We're having an issue with a couple of users; they've recently (a week or so ago) changed their AD passwords, and now can't log in to Sugar. Other users can still do LDAP logins, and if I set the problem users' passwords manually then they can log in too, but LDAP just doesn't want to know about them. I get the following in the log when they try:

Mon Sep 21 16:16:16 2009 [17854][-none-][FATAL] [LDAP ERROR][1]Operations error
Mon Sep 21 16:16:16 2009 [17854][-none-][FATAL] SECURITY: ldapauth: failed LDAP bind (login) by user@domain, could not construct bind_user
Mon Sep 21 16:16:16 2009 [17854][-none-][FATAL] SECURITY: User authentication for user@domain failed
Mon Sep 21 16:16:16 2009 [17854][-none-][FATAL] SECURITY: User authentication for user@domain failed
Mon Sep 21 16:16:16 2009 [17854][-none-][FATAL] FAILED LOGIN:attempts[1] - user@domain

Does anyone have any idea what might be going on here? Are there any restrictions on the allowable password - length, presence of special characters, etc? I know the user's new password ends with a single-quote, which is a SQL delimiter, but I assumed that the login code would correctly escape that.

[RainyRat]

Got it! It's due to bug 24923 (http://www.sugarcrm.com/crm/support/...b-48ce4f16512e).

[santhoshemmadi]

Hi,

Can you please send me the steps to configure and any coding that need to done inorder to use LDAP.

Actually my requirement is whenever a user logs into the windows and click the sugar crm link it should automatically use windows credentials to log in instead of asking for the username and password for sugar crm.

With Kind Regards,
Santhosh