We configured our Nexus Repository Manager OSS 3.19.1-01 with a LDAP connection to the AD server (didn't test on later versions). Which works fine for most users. Authentication is working properly for the docker registry being hosted by Nexus. But also directly on the Nexus GUI itself to browse through other repositories.
Apparently when a user has a # (pound) symbol in the password things just stop working during the authentication process. We've repeatedly tested this by ONLY changing the password for the user on AD site and trying to connect to Nexus (via "verify login" on the LDAP tab, and via "docker login my.nexus.repo:5000" ).
Having a pound # in the password doesn't work. On docker login it replies with a 401, and with "verify login" it yields
Failed to connect to LDAP Server: User 'CN=myCN,OU=myOU,OU=otherOU,DC=myDC,DC=otherDC' cannot be authenticated. [Caused by javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0c09042A, comment: AcceptSecurityContext error, data52e, v3839]]
When changing the password back to a password without a # pound it works perfectly fine.
Also tried a local account with a # symbol, but that works perfectly fine as well. So it seems LDAP / AD related