powered by Jive Software

[BUG] Remove maximum length in AD password field

Hi all,

I spent quite a few hours debugging the setup of Openfire with Active Directory integration. Whatever I did, it kept saying that the login credentials for the AD administrator account were incorrect. Eventually I used FireFox’s Web Developer plugin to show the actual contents of the password field, only to find out that the last 2 characters of the password (a 32 character random MD5 hash, in our case) were cut off. The password field turns out to have a limit of 30 characters, but since it shows the password bullets, there’s no way to tell.

I removed the limit from the input field, copy & pasted the password and it worked like a charm. I would, however, strongly recommend to remove the maximum length from the password field. I do realize that we’re an exception with our 32-character long hash, but still :slight_smile:

Hi,

experienced this bug in Openfire 3.8.2 (OS: Windows 2012) as well.

We have a dedicated AD user used for ldap binding in 3rd party software like Openfire.

Our password exceeds the 30 characters limit of the ldap wizard on the setup page.

After several retries I noticed on the ldap debug console, that the password got truncated to 30 chars.

Editing the max length password field of the ldap wizard with Firebug works, the wizard saved my original password. Please fix this, such trivial bugs are simply annoying.

Safety first