4. Admins via extended LDAP query

Admins via extended LDAP query

  • S

    Hello,

    I just upgraded from 2.2.6 to 2.3.2 this weekend. It's fantastic so far, except that the pfSense-Admins group that was assigning admin rights to AD users in the pfSense-Admin security group is no longer working. I thought it was a GUI issue when I was able to log in but not make changes as my AD account and created a post in the Web GUI forum:
    https://forum.pfsense.org/index.php?topic=116793.0

    However, it became apparent that it was a User/LDAP issue when I could make the changes as local admin. I've tested the extended query against AD and it pulls successfully. When I use the diagnostics -> Authentication tool, it works only when I have unchecked the extended query option. As soon as I check it and paste in my query:

    memberOf=CN=pfSense-Admins,OU=Security Groups,OU=BusinessName,DC=domain,DC=local

    I get the Authentication failed message. This was working fine in 2.2.6, so I'm thinking something changed but I didn't see anything specific in the "Changes" doc. Any ideas?

    Thanks!

    0
  • S

    Nevermind, just saw someone post this just below here:

    https://forum.pfsense.org/index.php?topic=116760.0

    Watch out for the User - Config: Deny Config Write rule!

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy