Logon fails with ActiveSync published over Netscaler when password contains UMLAUTE.
This happens with 401 based authentication and works for forms based authentication. 





 

We need to suggest customer to stick to Ascii-charset, as involving PI expressions to interpret the UMLAUTE is quite complex and it needs multiple enhancements. 
Engineering team will review the enhancements and get them implemented in the future release. 

---

Problem Cause

This issue is because we pass “as is” the password received from client, to the LDAP server. In some cases we need to convert password from Unicode-codepoints to UTF-8 to fix this issue.
Unicode codepoints for the range 0x00000000 - 0x0000007F pose no trouble: for characters in this range, codepoint == UTF-8 encoding. All ASCII numerals, English alphabets fall in this range. This is the reason why plain English usernames/passwords are interpreted correctly by the receiving auth(LDAP) server.
Conversion is needed for characters in the range beginning with 0x00000080. Umlauts (like ä, ë, ï ) and Arabic characters fall in this range. For these characters, codepoint != UTF-8 encoding. So we need to convert the codepoint to UTF-8 before passing on to auth server.