Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    LDAP Users unable to make changes

    Scheduled Pinned Locked Moved General pfSense Questions
    3 Posts 2 Posters 749 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kazaamjt
      last edited by

      Hello All,

      I couldn't find an existing thread or appropriate board to post this to (so move it if this is the wrong place)

      So this is the situation:
      I have authentication for PFSense working on a remote LDAP server. (AD)
      This authentication works perfectly fine. The users can log in.
      OpenVPN-server module  works with the same server and it works too.

      When logging in with an AD user, we can add rules, change rules etc,
      BUT every time we hit save/reload or similar the changes are not applied.
      Is this a bug or is it possible that I missed something?
      I don't think it's permissions due to the fact that Users in the AD group can login and browse to the relevant pages they have been given access to and not to ones they lack the rights to.

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        You must have added the "Deny Config Write" privilege to the group on pfSense used by the LDAP users. Remove it.

        Easy to do if you are not careful and just used "Select All" on the privilege list without reading them.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • K
          kazaamjt
          last edited by

          Yup.

          Totaly missed that. Feeling stupid now.

          Thanks

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.