VIP Enterprise Gateway | Passwords Containing Special Characters Not Accepted By Validation Server


Article ID: 170374


Updated On:


VIP Enterprise Gateway


Users are unable to authenticate via the first factor through the validation server when their LDAP password contains special characters.

The validation server logs indicate that the LDAP password is incorrect.

INFO "2017-10-27 08:22:11.236 GMT-0700" MyVal:1814 0 0 "text=Access Denied 0x006b: Schema validation failed. (Error encountered during schema validation. Invalid element pin, top, or temporaryPassword values.), user=[user1], bizCont=off,reason=34
INFO "2017-10-27 08:22:11.236 GMT-0700" MyVal:1814 0 0 "text=Sending Acces-Reject for user [user1] , reason=3; Incorrect LDAP Password." Thread-3955157872 VSAuthOTPStandardControllerImpl.cpp
AUDIT "2017-10-27 08:22:11.236 GMT-0700" MyVal:1814 0 18870 "text=Access DENIED Incorrect LDAP Password. ,reason=3; Incorrect LDAP Password." Thread-3955157872 VSValidationEngine.c


By default, validation servers only support UTF-8 characters when configured in ULO mode (username + LDAP password + security code).


To allow additional special characters to be accepted and read correctly, the encoding on the validation server must be changed to ISO-8859-1.

  1. Connect to the server where the VIP Enterprise Gateway is installed.
  2. Log in to the VIP Enterprise Gateway console and stop the corresponding validation server from the Validation tab by changing the status to Off.
  3. Delete the radserv.conf.working file present in <INSTALL_DIR>\Validation\servers\conf\<server_name>\conf folder.
  4. Open radserv.conf and change server.encoding to ISO-8859-1 and save.
  5. Start the validation server in the console by changing the status to On.
  6. Attempt the login to the validation server again.