Captive Portal login without password when using AD
-
Greetings to all team ...
I have managed to integrate PFSense 2.4.5 p1 and Active Directory well but I have a problem that I still cannot find its cause.
When it loads the Portal in cell phone and asks for the user's authentication credentials, when you enter user name of a user belonging to the AD group, the system allows access without having to ask for the password of this user.
If the user does not belong to this AD group, the system works fine, it does not allow him to enter.
Does anyone know why the system allows access to users in this case without putting their password?
What is the best solution? -
@figaro-cuba Hi,
This happens because you have checked "allow unauthenticated bind" in the pfSense config (in System->User Manager->Authentication Servers)
You can simply uncheck this box if you don't want users to be users to be accepted on the portal without entering their password
-
@figaro-cuba https://redmine.pfsense.org/issues/9909
Short answer, Microsoft being stupid again.
-
@free4 You misunderstand what that checkbox does. The LDAP server either requires a bind before you can search or it doesn't.
-
@free4 Thanks for your answar but i dont use this option, the problem is Window Server
-
@derelict Thanks to all. i had to install Windows Server 2019 and then manually uncheck this option
https://blog.lithnet.io/2018/12/disabling-unauthenticated-binds-in.html
