Description
We are seeing unexpected errors when using a combo of:
- Safari v 16
- LastPass 4.101.2
- LDAP connected
- (we've determined that OAuth is not affecting this problem)
When a user tries to updateprofile by clicking on the tile, or navigating directly to /pwm/private/updateprofile, the presence of lastpass seems to be causing sessions to be dropped or not communicated, for unknown reasons.
The user does land on the /updateprofile module page to enter their password, but any attempt to submit the password to bind to LDAP results in "Service is not enabled" error.
I suspect something is happening to either the JS on the page, or some combo of cookie suppression. But the end result is that the FORM POST is incorrect or rejected.
Disabling LastPass options across the board does not fix this. Neither does adding our pwm domain to "Never do anything" settings in last pass. The ONLY thing that seems to work is completely disabling the LastPass extension in Safari preferences.