1. Home
  2. pfSense Packages
  3. FreeRadius Group Membership not working

FreeRadius Group Membership not working

  • G

    Good morning

    I’m looking into setting up the group membership option in freeradius ldap. I have PfSense V2.3.1

    I’ve set up the general options and everything works. I can query our AD for users. Now I want that only users can be queried that are in a certain group.
    Attached I have my general options. The query in filter is:

    (|(sAMAccountName=%{%{Stripped-User-Name}:-%{User-Name}}) (mail=%{%{Stripped-User-Name}:-%{User-Name}}))

    But no matter what I set up in group membership it never finds a user. Only when I disable “Compare Check Item” it works. But then it works with almost all users.
    I set the Groupmembership Attribute to my group name, the rest I left with the default options.
    I’m starting to think it is because of my query in the general options. Could this be? Or do you have any other suggestions to what I have to do?

    Thanks

    ![general settings.JPG](/public/imported_attachments/1/general settings.JPG)
    ![general settings.JPG_thumb](/public/imported_attachments/1/general settings.JPG_thumb)

    0
  • A

    Stills seems to be a bug in the freeradius implementation of LDAP-Auhtorize.
    See my post here : https://forum.pfsense.org/index.php?topic=82209.msg566789#msg566789
    and this : https://forum.pfsense.org/index.php?topic=43675.msg515428#msg515428

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy