LDAP users cannot login when an upgrade of SSP is in progress or after the upgrade

Article ID: 420686


Products

VMware vDefend Firewall with Advanced Threat Prevention
VMware vDefend Firewall

Issue/Introduction

Symptoms:
 
LDAP users cannot log in to the SSP platform UI while an upgrade to 5.1 is in progress or after the upgrade has completed.

After logging in with the administrator account, the LDAP authentication provider still shows Failure under Connection Status (System -> User Management -> Authentication Providers -> Connection Status), even though the platform has been upgraded.

Environment

vDefend SSP 5.1

Cause

When adding an LDAP configuration, the Bind Identity field must be entered according to the LDAP type:

For Active Directory (AD): You must specify the userPrincipalName (user@domainName).

For OpenLDAP: You must specify the Distinguished Name (DN).

This field is mandatory unless the LDAP server supports anonymous bind, in which case it becomes optional.

SSP 5.0 has a bug that allows the LDAP type of a configuration to be changed without validation: the system did not check that the Bind Identity matched the format required by the selected LDAP type.

As a result, an AD-based LDAPS server can be incorrectly registered under the OpenLDAP type, and vice versa.

The GUI allows the change without validating the Bind Identity, leading to inconsistent configurations.

However, existing users affected by this bug may not notice it immediately, since Active Directory can sometimes accept non-UPN Bind Identity formats without error.

After upgrading to SSP 5.1, where the bug is fixed and the correct Bind Identity format is enforced, such LDAP configurations move to a “Failed” state.

Resolution

To resolve this, users must update the Bind Identity to the correct format (UPN for AD, DN for OpenLDAP).

Once corrected, the LDAP connection is expected to become active again. 
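The following is an added example, not SSP's own code, showing the Bind Identity check that the Cause section says 5.0 skipped and that 5.1 enforces: a UPN (user@domainName) for Active Directory, a Distinguished Name for OpenLDAP, and an empty identity only where anonymous bind is allowed. It also includes a small pre-upgrade audit over a list of constructed configurations, so the entries that would land in the Failed state can be corrected before the upgrade rather than after. The type labels, configuration keys, and regular expressions are assumptions for illustration; the DN pattern is deliberately simplified (escaped commas and multi-valued RDNs are not handled).

```python
import re

# Added example (not SSP's own code): the Bind Identity check that the article
# says SSP 5.0 skipped. Patterns are simplified and constructed for illustration.

# userPrincipalName: user@domainName
UPN_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")

# Distinguished Name: comma-separated attr=value RDNs (escaped commas and
# multi-valued RDNs are not handled by this simplified pattern).
DN_RE = re.compile(
    r"^\s*[A-Za-z][A-Za-z0-9-]*\s*=\s*[^,=]+"
    r"(\s*,\s*[A-Za-z][A-Za-z0-9-]*\s*=\s*[^,=]+)*\s*$"
)

LDAP_TYPE_AD = "ACTIVE_DIRECTORY"   # assumed type labels, not SSP's identifiers
LDAP_TYPE_OPENLDAP = "OPENLDAP"


def validate_bind_identity(ldap_type, bind_identity, anonymous_bind=False):
    """Return (ok, reason) for a Bind Identity against the selected LDAP type."""
    ident = (bind_identity or "").strip()
    if not ident:
        if anonymous_bind:
            return True, "Bind Identity omitted; server allows anonymous bind"
        return False, "Bind Identity is mandatory unless the server supports anonymous bind"
    if ldap_type == LDAP_TYPE_AD:
        if UPN_RE.match(ident):
            return True, "userPrincipalName format accepted"
        return False, "Active Directory requires userPrincipalName (user@domainName)"
    if ldap_type == LDAP_TYPE_OPENLDAP:
        if DN_RE.match(ident):
            return True, "Distinguished Name format accepted"
        return False, "OpenLDAP requires a Distinguished Name (DN)"
    return False, f"unknown LDAP type {ldap_type!r}"


def change_ldap_type(config, new_type):
    """Validated type change: refuse the switch when the existing Bind Identity
    does not fit the new type, instead of silently accepting it as 5.0 did."""
    ok, reason = validate_bind_identity(new_type, config.get("bind_identity"),
                                        config.get("anonymous_bind", False))
    if not ok:
        raise ValueError(f"{config['name']}: cannot switch to {new_type}: {reason}")
    return {**config, "ldap_type": new_type}


def configs_failing_after_upgrade(configs):
    """Pre-upgrade audit: names of configurations that the stricter 5.1 check
    would move to the Failed state."""
    failing = []
    for cfg in configs:
        ok, _ = validate_bind_identity(cfg["ldap_type"], cfg.get("bind_identity"),
                                       cfg.get("anonymous_bind", False))
        if not ok:
            failing.append(cfg["name"])
    return failing


# Constructed sample configurations (names, domains and identities are made up).
SAMPLE_CONFIGS = [
    {"name": "corp-ad", "ldap_type": LDAP_TYPE_AD,
     "bind_identity": "svc-ssp@corp.example.com"},
    # AD server registered with a DN instead of a UPN: the misconfiguration the
    # article describes (may have worked on 5.0, fails on 5.1).
    {"name": "corp-ad-legacy", "ldap_type": LDAP_TYPE_AD,
     "bind_identity": "CN=svc-ssp,OU=Service Accounts,DC=corp,DC=example,DC=com"},
    {"name": "lab-openldap", "ldap_type": LDAP_TYPE_OPENLDAP,
     "bind_identity": "cn=admin,dc=lab,dc=example,dc=org"},
    # OpenLDAP server registered with a UPN-style identity instead of a DN.
    {"name": "lab-openldap-wrong", "ldap_type": LDAP_TYPE_OPENLDAP,
     "bind_identity": "admin@lab.example.org"},
    {"name": "guest-openldap", "ldap_type": LDAP_TYPE_OPENLDAP,
     "bind_identity": "", "anonymous_bind": True},
]

if __name__ == "__main__":
    for name in configs_failing_after_upgrade(SAMPLE_CONFIGS):
        print(f"fix Bind Identity before upgrading: {name}")
```

Run against the sample list, the audit names `corp-ad-legacy` and `lab-openldap-wrong`, the two entries whose Bind Identity does not match their LDAP type; the anonymous-bind entry passes because the field is optional in that case.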


Impact During Upgrade:

  • If the logged-in user belongs to an AD group impacted by this misconfiguration, they will be logged out during the upgrade (expected behavior).
  • However, due to the LDAP configuration failure, the user will not be able to log in again until the issue is corrected.
  • Access can be restored using Admin account credentials, which are required to log in and update the LDAP configuration post-upgrade.