Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Captive Portal login without password when using AD

    Captive Portal
    3
    6
    110
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      figaro.cuba last edited by

      Greetings to all team ...
      I have managed to integrate PFSense 2.4.5 p1 and Active Directory well but I have a problem that I still cannot find its cause.
      When it loads the Portal in cell phone and asks for the user's authentication credentials, when you enter user name of a user belonging to the AD group, the system allows access without having to ask for the password of this user.
      If the user does not belong to this AD group, the system works fine, it does not allow him to enter.
      Does anyone know why the system allows access to users in this case without putting their password?
      What is the best solution?

      F Derelict 2 Replies Last reply Reply Quote 0
      • F
        free4 Rebel Alliance @figaro.cuba last edited by

        @figaro-cuba Hi,

        This happens because you have checked "allow unauthenticated bind" in the pfSense config (in System->User Manager->Authentication Servers)

        You can simply uncheck this box if you don't want users to be users to be accepted on the portal without entering their password

        96b7f142-4867-4395-ad43-46c011306f37-image.png

        Derelict F 2 Replies Last reply Reply Quote 0
        • Derelict
          Derelict LAYER 8 Netgate @figaro.cuba last edited by Derelict

          @figaro-cuba https://redmine.pfsense.org/issues/9909

          Short answer, Microsoft being stupid again.

          F 1 Reply Last reply Reply Quote 0
          • Derelict
            Derelict LAYER 8 Netgate @free4 last edited by

            @free4 You misunderstand what that checkbox does. The LDAP server either requires a bind before you can search or it doesn't.

            1 Reply Last reply Reply Quote 0
            • F
              figaro.cuba @free4 last edited by

              @free4 Thanks for your answar but i dont use this option, the problem is Window Server

              1 Reply Last reply Reply Quote 0
              • F
                figaro.cuba @Derelict last edited by

                @derelict Thanks to all. i had to install Windows Server 2019 and then manually uncheck this option
                https://blog.lithnet.io/2018/12/disabling-unauthenticated-binds-in.html

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post

                Products

                • Platform Overview
                • TNSR
                • pfSense
                • Appliances

                Services

                • Training
                • Professional Services

                Support

                • Subscription Plans
                • Contact Support
                • Product Lifecycle
                • Documentation

                News

                • Media Coverage
                • Press
                • Events

                Resources

                • Blog
                • FAQ
                • Find a Partner
                • Resource Library
                • Security Information

                Company

                • About Us
                • Careers
                • Partners
                • Contact Us
                • Legal
                Our Mission

                We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                Subscribe to our Newsletter

                Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                © 2021 Rubicon Communications, LLC | Privacy Policy