We are using LDAP to authenticate the user. The user is getting authenticated and operator ID is getting created in Pega. But the password given in pega LDAP URL is not validating against LDAP password. Pega is taking any password and authenticating the user. It is just checking if the user exist in LDAP and not validating the password. Is it the default behavior of LDAP authentication ? Is there any way to validate the password against LDAP password ?
OOTB Activity "AuthenticationLDAPWebVerifyCredentials" doesnot verify the password, It just checks whether user is found in LDAP directory. Try to use the other activity "AuthenticationLDAPVerifyCredentials", This checks for user availability as well as the password match.Hope it helps.