User Manager and LDAP-Groups
-
Hello,
I can not use LDAP groups. The ldap authentication works, but there is no mapping of the LDAP-Groups. When I try the "Diagnostics: Authentication Tool", the User authenticated successfully. But there are no Groups.
I took many screenshots of the settings, maybe it helps. Please help me.Have a nice day!
Samuel
Here I get no groups
Settings
LDAP Browser
-
Hello,
I found the reason in the file auth.inc.
I have created a patch. All "objectClass=posixGroup" are searched by the attribut memberUid. Perhaps there should be a possibility to set "objectClass=posixGroup" and "memberUid" on the web gui.Greetings
Snowyrain
-
Hello,
I'm facing similar problems in setting up LDAP authentication on the captive portal (pfsense 2.0.1).
I applied your patch but the diag_authentication.php page seems to call ldap_get_groups() function twice. Once for the admin user that is logged in and the second time for the user I'm trying to test.
Also, I do not find any code in the php files that authenticate captive portal logins to the LDAP. Have you come across something similar?
Was wondering if you can help in this.
Regards,
Rajat -
Hello rajatag,
I don't use the captive portal. In the web-IF are only this options:
WebCfg - Services: Captive portal page
WebCfg - Services: Captive portal: Allowed IPs page
WebCfg - Services: Captive portal: Allowed IPs page
WebCfg - Services: Captive portal: Edit Allowed IPs page
WebCfg - Services: Captive portal: Edit Allowed IPs page
WebCfg - Services: Captive portal: Edit MAC Addresses page
WebCfg - Services: Captive portal: File Manager page
WebCfg - Services: Captive portal: Mac Addresses page
WebCfg - Services: Captive portal Voucher Rolls page
WebCfg - Services: Captive portal Vouchers page
WebCfg - Status: Captive portal page
WebCfg - Status: Captive portal test Vouchers page
WebCfg - Status: Captive portal Voucher Rolls page
WebCfg - Status: Captive portal Vouchers pageSo I don't think it is implmented in pfsense.
Also, I do not find any code in the php files that authenticate captive portal logins to the LDAP. Have you come across something similar?