LDAP authentication support
-
Get in touch with me on freenode, handle is GeekGod.
Good work!
-
Ok ;-)
So after many tests, LDAP authentication works with :
- openLDAP
- Fedora Directory Server (FDS=sunone)
- Active Directory (W2K3)
-
Next step is to integrate Auth for the web interface, then move on to captive portal, pppoe and such. It actually should be pretty easy to do these portions.
-
Yes, and also to have php compiled with the ldap support on the next pfsense release ;-)
-
No problem.
-
I saw on the CVS track timeline that compilation wasn't ok. What's up ? what is the problem ? Can we repair it ?
-
Cannot compile LDAP in as static.
Will address after the 1.0 release.
-
Ok, contact me as soon as it is available ;-)
-
Hi ;-)
I have made a new version of the LDAP authentication function that allow the admin to specify a list of groups (memberOf in LDAP) where the authorized users should be.
In fact I wrote it because of Active Directory, it is easier for the admin to create a group and put authorized users into than creating a whole new OU.So now, the admin of the Active directory can tell the function that only the "managers" and "business people" groups (of the OU of their dreams) can authenticate through the captive portal.
Tell me if you are interested Scott ;-)
-
it sounds great do we think it will be compatable with openldap
-
Ok ;-)
So after many tests, LDAP authentication works with :
- openLDAP
- Fedora Directory Server (FDS=sunone)
- Active Directory (W2K3)
I guess you have missed that message ::)
-
Hi ;-)
I have made a new version of the LDAP authentication function that allow the admin to specify a list of groups (memberOf in LDAP) where the authorized users should be.
In fact I wrote it because of Active Directory, it is easier for the admin to create a group and put authorized users into than creating a whole new OU.So now, the admin of the Active directory can tell the function that only the "managers" and "business people" groups (of the OU of their dreams) can authenticate through the captive portal.
Tell me if you are interested Scott ;-)
Sounds great. When are you going to start integrating with pfSense? :)
-
I will start it as soon as possible. First of all, I need to see how pfsense saves settings, then I will do the mfc changes, then I will call on you to build a release with php+ldap :-D
Let's go to work :-D
-
That's done ;-)
I've modified the captive_portal page too, in order to use my function. Next step is LDAP support for Php ;-)
Pfsense roxxx !
-
Awesome! You rock too ;D
-
All of you guys rock. Even billm.
-
@submicron:
All of you guys rock. Even billm.
Nah, I don't rock, I stone.
–Bill
-
Curious to know what the time frame is on LDAP support and what will be supported. May I humbly suggest a FAQ just on LDAP support?
-
1.1. Not for a LONNNNNG time.
-
What are the issues? I would like to help out on this front if I am capable.