Captive Portal and multiple LDAP servers
-
In our school we use one GSuite domain for the teachers and another GSuite domain for the students. These are two completely different databases. Each GSuite domain has its own LDAP server. In the pfSense User Manager I managed to configure both LDAP servers, and both are working as an Authentication Server. But now I want to have a Captive Portal working that searches in both LDAPs, so a teacher and a student can authenticate in the captive portal. At this moment only users that are in the first LDAP database can log in.
Is there a way to accomplish what I want?
-
@tommyverburgh just select both LDAP servers in the captive portal menu?
-
@free4 Thx for your reply. But that's how I configured it. I will try this again and find some things in the logs. It would be so easy for me if this works.
-
@tommyverburgh said in Captive Portal and multiple LDAP servers:
@free4 Thx for your reply. But that's how I configured it. I will try this again and find some things in the logs. It would be so easy for me if this works.
If you select multiple LDAP servers, they will act as master/backup - if the first server is not available, it tries the second.
-
@viktor_g Thx for your response. So if the first server is available and the user is not in the database it will not check the second server?
-
@tommyverburgh Right, in the same way as WebGUI authentication works
-
@viktor_g Thx. This means that if the user who tries to log in is on the second server and not on the first server, he can't log in. That's my problem. Are there workarounds?
-
@tommyverburgh This is a design flaw - you must have all your LDAP data in a single database and use primary/backup servers for Captive Portal authentication.
-
@viktor_g That is not correct.
If the first LDAP server is available but is telling "access denied", then the second LDAP server is queried.
-
@free4 Thank you, I will continue working this out. Thx