RE: Unable to login with Active Directory with Proget 2026.1

@pg_user_8607 Given the fix is about searching in AD I think the pull request is indeed related, as there is no other error I can find other than unable to find the user(s) in the User Directories Test.

I do not know why , but updating to Proget 2026.2 solved this issue. Testing user directories works, login also works. No other change made (in LDAP etc)

@atripp Ok, I will test again probably in a week. However I did going to admin - security and using AD test tool, which basically said that it can't find the user.

@antonio-oliveira_8481 I am not sure it is the same but I will try.

When I upgraded proget 25.0.25 to Proget 2026.0 and 2026.1 users was not able to login using active directory account.

I initially thought this is same with issue reported in https://forums.inedo.com/topic/5754/bug-proget-2026-no-longer-able-to-find-active-directory-users-groups-when-configuring-task-permissions/7

But even upgrading to version 2026.1 does not solve my issue. testing User directories it just indicate that it can't find the user. Also for small additional information, the user with active directory can't use apikey to do "npm view" so this is not just Proget UI.

I am not sure I can find any log anywhere to help you narrowing this problem. For now I am rolled back and updated to 25.0.28 instead. Let me know if there is known current issue or a way to find log useful to resolve this case.

Yes , it is indeed npm packages, yes I was using /packages.

Though when traying to search within /feed it was also strange as it seems to ignore @ .

Both are okay for now. Just put it somewhere in the improvement list, I understand there is some limitation to it, encoding, filter etc and trying to do universal search across different type.

Hello, I believe this is a bug, not sure whether this is reported previously, however when searching packages which is not alphanumeric only it always return empty.

For example, searching for "@schematics/angular", "@schematics", or "/angular" will return empty. While "schematics" or "angular" will return a bunch of packages, including the "@schematics/angular" for "angular", but not when searching "schematics".

I already changed status to cached

Thank you

I noticed this mechanism when I migrated from Artifactory to Proget in my company but only able to comment now. I would say thank you very much for you guys for addressing this, especially since it is done before the migration in my company.

I saw in Inedo that PGV-2330205 and PGV-2425402 are applied to 'all' version of SheetJS
https://security.inedo.com/vulnerability/details/PGV-2330205 and https://security.inedo.com/vulnerability/details/PGV-2425402

While as per descriptions in both articles, if you already use version 0.19.2 (or later) for PGV-2330205 and 0.20.2 (or later) for PGV-2425402, the vulnerabilities are supposed to be fixed already, but the package in my Proget server is still displaying vulnerabilities , specifically in my case in version 0.20.3 . I know how to suppress them for entire versions of SheetJs but I think this probably should be addressed for inedo for everyone. I do not know if it is possible to suppress for just specific package or package version, ideally matching SemVer.

Also note that previously I tried to use expiration for reassessing vulnerability and it seems it is unable to set the expiration and it was complaining about time format.

Thank you