Netgate Discussion Forum

Yet another question about LDAP group membership support

  • A
    afshin
    last edited by Jul 21, 2013, 10:27 AM

    Hi Guys,

    I'm using pfSense 2.1-RC0 and trying to configure it to FreeIPA. It is authenticating with no problem but does not recognize group membership. Here is the FreeIPA log trace, which seems to be OK! I've created the expected group in pfSense as well.

    Appreciate all comments,
    Afshin Afzali

    conn=41 fd=66 slot=66 connection from 192.168.254.2 to 192.168.254.3
    conn=41 op=0 BIND dn="" method=128 version=3
    conn=41 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn=""
    conn=41 op=1 SRCH base="" scope=2 filter="(uid=admin)" attrs="memberOf"
    conn=41 op=1 RESULT err=32 tag=101 nentries=0 etime=0
    conn=41 op=2 UNBIND
    conn=41 op=2 fd=66 closed - U1
    conn=42 fd=66 slot=66 connection from 192.168.254.2 to 192.168.254.3
    conn=42 op=0 BIND dn="" method=128 version=3
    conn=42 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn=""
    conn=42 op=1 SRCH base="" scope=2 filter="(uid=admin)" attrs="memberOf"
    conn=42 op=1 RESULT err=32 tag=101 nentries=0 etime=0
    conn=42 op=2 UNBIND
    conn=42 op=2 fd=66 closed - U1
    conn=43 fd=67 slot=67 connection from 192.168.254.2 to 192.168.254.3
    conn=43 op=0 BIND dn="" method=128 version=3
    conn=43 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn=""
    conn=43 op=1 SRCH base="cn=users,cn=accounts,dc=basamadco,dc=local" scope=2 filter="(uid=afshin)" attrs=ALL
    conn=43 op=1 RESULT err=0 tag=101 nentries=1 etime=0
    conn=43 op=2 BIND dn="uid=afshin,cn=users,cn=accounts,dc=basamadco,dc=local" method=128 version=3
    conn=43 op=2 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=afshin,cn=users,cn=accounts,dc=basamadco,dc=local"
    conn=44 fd=66 slot=66 connection from 192.168.254.2 to 192.168.254.3
    conn=44 op=0 BIND dn="" method=128 version=3
    conn=44 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn=""
    conn=43 op=3 UNBIND
    conn=43 op=3 fd=67 closed - U1
    conn=44 op=1 SRCH base="uid=afshin,cn=users,cn=accounts,dc=basamadco,dc=local" scope=2 filter="(uid=afshin)" attrs="memberOf"
    conn=44 op=1 RESULT err=0 tag=101 nentries=1 etime=0
    conn=44 op=2 UNBIND
    conn=44 op=2 fd=66 closed - U1

    • D
      doktornotor Banned
      last edited by Jul 21, 2013, 10:30 AM

      You need to create the matching group in User Manager as well.

      • A
        afshin
        last edited by Jul 23, 2013, 11:34 AM

        Actually I did, as I wrote in the first post. But the problem was in the bind credentials option. I could resolve it by changing anonymous binding to a known user.

        Thanks
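
An added diagnostic example, not part of the original posts and not pfSense or FreeIPA code: it reads directory access-log lines in the format of the trace in the first post and reports, for each `memberOf` search, whether the connection was bound anonymously and what the result was. The sample lines, the `example.test` DNs and the function names are constructed for illustration; it assumes the access log records entry counts but not which attributes were returned, so `err=0 nentries=1` under an anonymous bind does not show that `memberOf` was readable.

```python
import re

# Constructed, abbreviated sample in the format of the trace in the first post.
SAMPLE = '''\
conn=7 op=0 BIND dn="" method=128 version=3
conn=7 op=1 SRCH base="" scope=2 filter="(uid=admin)" attrs="memberOf"
conn=7 op=1 RESULT err=32 tag=101 nentries=0 etime=0
conn=8 op=0 BIND dn="" method=128 version=3
conn=8 op=1 SRCH base="uid=alice,cn=users,dc=example,dc=test" scope=2 filter="(uid=alice)" attrs="memberOf"
conn=8 op=1 RESULT err=0 tag=101 nentries=1 etime=0
conn=9 op=0 BIND dn="uid=svc,cn=users,dc=example,dc=test" method=128 version=3
conn=9 op=1 SRCH base="uid=alice,cn=users,dc=example,dc=test" scope=2 filter="(uid=alice)" attrs="memberOf"
conn=9 op=1 RESULT err=0 tag=101 nentries=1 etime=0
'''

LINE = re.compile(r'conn=(\d+) op=(\d+) (BIND|SRCH|RESULT) (.*)')
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def audit_group_lookups(log_text):
    """Return one finding per memberOf search: who was bound, and the result."""
    bind_dn = {}    # conn -> DN of the last BIND seen on that connection
    pending = {}    # (conn, op) -> finding awaiting its RESULT line
    findings = []
    for m in LINE.finditer(log_text):
        conn, op, kind, rest = m.groups()
        f = {k: v.strip('"') for k, v in FIELD.findall(rest)}
        if kind == 'BIND':
            bind_dn[conn] = f.get('dn', '')
        elif kind == 'SRCH' and 'memberof' in f.get('attrs', '').lower():
            pending[(conn, op)] = {'conn': int(conn), 'base': f.get('base', ''),
                                   'anonymous': bind_dn.get(conn, '') == ''}
        elif kind == 'RESULT' and (conn, op) in pending:
            rec = pending.pop((conn, op))
            rec['err'], rec['nentries'] = int(f['err']), int(f['nentries'])
            findings.append(rec)
    return findings

def explain(rec):
    # Assumption: the log shows entry counts only, never the attributes returned.
    if rec['err'] == 32:
        return 'err=32 (noSuchObject): check the search base'
    if rec['anonymous']:
        return 'anonymous bind: entry found, but memberOf may be withheld'
    return 'authenticated bind: memberOf lookup ran as a known user'

if __name__ == '__main__':
    for rec in audit_group_lookups(SAMPLE):
        print(rec['conn'], repr(rec['base']), explain(rec))
```

Findings are keyed by connection and operation number, so interleaved connections (as with conn=43 and conn=44 in the trace) are attributed correctly.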
