LDAP auth creates constant queries
-
Hi,
i configured my pfsense, for ldap (SSL) user login. So i have ldap groups defined, for my vpn users, my pfsense admin users, and so on.
It works perfectly fine, except, that if a admin user is logged into the pfSense WebGUI, the pfSense does constant storm of LDAP queries for the logged in user. I have no idea for what. It queries the logged in user for the groupmembership attriubte, and it gets an answer.
What is the point in that? Is it a bug?Thank you
best regards
Halandar -
It's how the auth system is designed, which is sort of a bug but not quite.
Each time a client loads a page it re-checks the auth to make sure it's still valid, because it doesn't do a persistent LDAP session style login, only an immediate one-off access request.
-
Thank you! So would this issue be worth a bug report?
Becourse for normal login, this behaviour makes sense, but not for ldap. -
I've the same issue here: A LDAP server is configured (for VPN auth) but only using local account (admins) on webGUI.
Moreover theses LDAP connections/lookup can breaks webGUI when LDAP server is down/unreachable (eg. down Internet connection): each page takes about 40-50 seconds to display: I'm guessing it's because LDAP queries that have to timeout before PHP script can continue…Others have already encountered the same timeout problem:
