Erroneous LDAP login error

We have a user that has an apostrophe in his Active Directory username. This information appears in the "display name" field in our AD database.
When logging into DaDaBik web applications he is unable to authenticate via LDAP.

He gets the following error message:
13 Error. Multiple LDAP users have the same username.

We have checked with our IT department and verified that there is only a single user in Active Directory for his username.
So that error message appears to be erroneous.

NOTE: Our users authenticate DaDaBik LDAP with a username of "Firstname[space]Lastname" because we never could get the sAMA field ([first letterfirstname][lastname]) to work in the LDAP configuration based on how our IT dept. setup AD/LDAP.
The "Display Name" or dn is what DaDaBik is using for the login username field.
Removing the Apostrophe from the "display name" field in LDAP for this user caused the error to go away.
Our guess is that this special character is causing a problem somewhere in the DaDaBik authentication module.
Since it is an un-escaped single quote I know those can wreak havoc in multiple languages.
Thought you should be aware of this so you can look for bugs accordingly.
For now, we will request our IT department not put special characters in usernames and can work around this.


Installation Details:
You are using DaDaBIK version 11.9-Elba platinum, installed on 05-02-2023 (installation code: 18272633dff70ccbd0), the latest version of DaDaBIK is 11.11-Elba released on 09-27-2023
You are not running the last release of DaDaBIK, the release you are running might have bugs and security holes, see the official change log for further information.

System info​

PHP Version: 7.4.6
mysql version: 5.5.5-10.5.13-MariaDB
Web server: Apache
Client: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/ Safari/537.36


Staff member
Hello and thanks for the detailed report!

Question: is your $enable_ldap_escape_filter config parameter set to 0 or 1?
In config_custom.php in the app include folder we do the following:
$enable_ldap_authentication = 1;
$set_ldap_authentication_as_default = 1;
$ldap_binding_type = 'classic';
$ldap_binding_prefix = '';
$enable_ldap_escape_dn = 1;
$enable_ldap_escape_filter = 1;

The rest is specific to our AD configuration.

Also, we have upgraded to 11.11 now.

Hope that helps.