QNAP LDAP Server - Extended Query Help...

The Computer Guy · Apr 30, 2024, 2:32 PM

Hello, using a local LDAP Server on a QNAP NAS, and have created a group called vpn on the nas.

To test that the LDAP is working correctly and getting the correct info, I created a group called vpn on the firewall too. As you can see below, it works, and the test shows that the user is in the group.

I'm only using LDAP on pfSense for OpenVPN, so now need to use an extended query to restrict users to just this group, but I just can't seem to get it right, whatever extended query I use, I just get an authentication error. I've got a few boxes that work with MS LDAP great for remote access using pfSense firewalls, so know it can be done!?

stephenw10 · Apr 30, 2024, 6:04 PM

Mmm, LDAP queries can be tricky!

What exactly are you trying? What does it return? Anything logged at the server end?

Steve

The Computer Guy · Apr 30, 2024, 8:11 PM

@stephenw10 - I think it should only need to be this query -

(&(objectClass=posixGroup)(cn=vpn)(memberUid=*))

I just get a red box on the authentication test page in pfSense -

The following input errors were detected:

Authentication failed.

Unfortunately there doesn't seem to be any LDAP logs generated on the QNAP :(