What version are you running?
1.7.6
What's the URL of the page containing the problem?
Internal URL
What steps will reproduce the problem?
1. Have an AD group with a character that requires escaping (e.g. 'C# Users')
2. Add a user to that AD group
3. Try to login as that user when a group filter (on a different AD group, such as my_group) is enabled, and with recursion enabled
4. See an error in the log for: "Active Directory error: failed gettinggroups for user 'username': {'desc': 'Bad search filter'}"
What is the expected output? What do you see instead?
User should be able to login. Instead, they get a login failure.
What operating system are you using? What browser?
RB on Ubuntu 12.04, Chrome on Win7.
Please provide any additional information below.
the get_member_of function in ActiveDirectoryBackend in backends.py should probably call ldap.filter.escape_filter_chars on the group name before passing it into search_ad. There may be other locations where escaping is necessary.