Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    FreeRadius Group Membership not working

    Scheduled Pinned Locked Moved pfSense Packages
    2 Posts 2 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G Offline
      geocast
      last edited by

      Good morning

      I’m looking into setting up the group membership option in freeradius ldap. I have PfSense V2.3.1

      I’ve set up the general options and everything works. I can query our AD for users. Now I want that only users can be queried that are in a certain group.
      Attached I have my general options. The query in filter is:

      (|(sAMAccountName=%{%{Stripped-User-Name}:-%{User-Name}}) (mail=%{%{Stripped-User-Name}:-%{User-Name}}))

      But no matter what I set up in group membership it never finds a user. Only when I disable “Compare Check Item” it works. But then it works with almost all users.
      I set the Groupmembership Attribute to my group name, the rest I left with the default options.
      I’m starting to think it is because of my query in the general options. Could this be? Or do you have any other suggestions to what I have to do?

      Thanks

      ![general settings.JPG](/public/imported_attachments/1/general settings.JPG)
      ![general settings.JPG_thumb](/public/imported_attachments/1/general settings.JPG_thumb)

      1 Reply Last reply Reply Quote 0
      • A Offline
        Anfänger
        last edited by

        Stills seems to be a bug in the freeradius implementation of LDAP-Auhtorize.
        See my post here : https://forum.pfsense.org/index.php?topic=82209.msg566789#msg566789
        and this : https://forum.pfsense.org/index.php?topic=43675.msg515428#msg515428

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.