Re: ISE supporting special characters for user account passwords on LDAP/AD

umahar · ‎02-20-2019

A customer reached out to me stating concerns on ISE's ability to support various special characters in passwords for user accounts in AD/LDAP.

I don't remember facing any issues with regarding special characters in the past but I will be testing all the characters stated by the customer in a lab.

Wondering if anyone faced any issues in the past.

Francesco Molino · ‎02-20-2019

Hi

Did he told you which characters?
On my latest deployment (this week 😀), on test users i had some special characters like @ # ! and it works.

Also what ise version are we talking about?

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

umahar · ‎02-21-2019

Tested an account with the below password with no issue

Test~!@#$%^&*()_+`-=123

Francesco Molino · ‎02-22-2019

Tested as well and no issue. Maybe your customer has another issue.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Rahul Govindan · ‎02-23-2019

I have had no trouble with ISE accounts with special characters, but I know that ISE does not play well with AD group names with special characters. Maybe that is the problem?

https://www.cisco.com/c/en/us/td/docs/security/ise/2-0/ise_active_directory_integration/b_ISE_AD_integration_2x.html#ID496

An authorization policy fails if the rule contains an Active Directory group name with special characters such as /, !, @, \, #, $, %, ^, &, *, (, ), _, +, or ~.

Karsten Svenningsen · ‎02-21-2020

Hi

We have issues with the special danish charecters æ ø and å.

Regards Karsten

hslai · ‎02-22-2020

CSCvp07591 is the only known issue I found with UTF-8 characters.

If that is not it, please open a TAC case, ensure TAC able to recreate it and file a bug accordingly.