LDAP Users unable to make changes

  • Hello All,

    I couldn't find an existing thread or appropriate board to post this to (so move it if this is the wrong place).

    So this is the situation:
    I have authentication for pfSense working on a remote LDAP server (AD).
    This authentication works perfectly fine. The users can log in.
    The OpenVPN server module works with the same server and it works too.

    When logging in with an AD user, we can add rules, change rules, etc.,
    BUT every time we hit save/reload or similar the changes are not applied.
    Is this a bug or is it possible that I missed something?
    I don't think it's permissions, due to the fact that users in the AD group can log in and browse to the relevant pages they have been given access to and not to ones they lack the rights to.

  • Rebel Alliance Developer Netgate

    You must have added the "Deny Config Write" privilege to the group on pfSense used by the LDAP users. Remove it.

    Easy to do if you are not careful and just used "Select All" on the privilege list without reading them.

  • Yup.

    Totally missed that. Feeling stupid now.


