Netgate Discussion Forum

Difficulties when combining Pfsense with UCS Linux

    isaaclondo09
    last edited by Feb 20, 2025, 1:59 PM

    95282786-7861-4911-993c-ee67660392a6-image.png

    I am trying to join the AD that I have with UCS with my pfSense, but I am having problems joining with LDAP. This is the configuration I have so far. When I check the containers I get this error: "Could not connect to the LDAP server. Please check the LDAP configuration."

      stephenw10 Netgate Administrator
      last edited by Feb 20, 2025, 4:42 PM

      Have you connected to it from anything else? How is that configured?

      Check the states when you try to connect. Do you see two way traffic?

        isaaclondo09 @stephenw10
        last edited by Feb 20, 2025, 4:55 PM

        @stephenw10 I already have LDAP configured with Windows AD and it joins without problems, but with UCS, at the time of entering the bind credentials, it is not able to connect.

        image (3).png image (4).png image (1).png image (2).png

          stephenw10 Netgate Administrator
          last edited by stephenw10 Feb 20, 2025, 5:11 PM Feb 20, 2025, 5:10 PM

          Do you need to import the CA cert perhaps? Does the server cert contain that IP as a SAN? If not, use the FQDN there.

          Does it allow unencrypted connections like you are trying in that second screenshot?

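Added example (not part of the thread, and not pfSense or UCS code): a Python sketch of the SAN check asked about in the post above, showing why a server address given as an IP fails validation when the certificate lists only DNS names. The certificate dicts, the name `ucs-dc.example.test` and the address `192.0.2.10` are constructed; the dict shape is the one Python's `ssl.SSLSocket.getpeercert()` returns, and the legacy Common Name fallback that some LDAP clients still apply is not modelled.

```python
import ipaddress

# Constructed sample certificates, in the dict shape of ssl.SSLSocket.getpeercert().
CERT_DNS_ONLY = {"subjectAltName": (("DNS", "ucs-dc.example.test"),)}
CERT_WITH_IP = {"subjectAltName": (("DNS", "ucs-dc.example.test"),
                                   ("IP Address", "192.0.2.10"))}


def dns_match(pattern, host):
    """Compare a DNS SAN with a hostname; '*' covers exactly one leftmost label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return p[1:] == h[1:]
    return p == h


def san_covers(cert, target):
    """True if a SAN entry in `cert` covers `target` (an IP address or an FQDN)."""
    sans = cert.get("subjectAltName", ())
    try:
        ip = ipaddress.ip_address(target)
    except ValueError:
        # Not an IP literal: only DNS entries can match.
        return any(k == "DNS" and dns_match(v, target) for k, v in sans)
    # IP literal: only "IP Address" entries can match, DNS entries never do.
    for kind, value in sans:
        if kind == "IP Address":
            try:
                if ipaddress.ip_address(value) == ip:
                    return True
            except ValueError:
                continue  # malformed entry, skip it
    return False


def dns_sans(cert):
    """DNS names that would validate if entered as the server hostname."""
    return [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]


if __name__ == "__main__":
    for name in ("192.0.2.10", "ucs-dc.example.test"):
        print(name, "->", san_covers(CERT_DNS_ONLY, name))
    print("usable names:", dns_sans(CERT_DNS_ONLY))
```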
            isaaclondo09 @stephenw10
            last edited by Feb 20, 2025, 5:25 PM

            @stephenw10
            When the option "Use anonymous binds to resolve distinguished names" is enabled and I verify the connection with the LDAP, the bind does pass. I am going to show you the configuration that I have with an LDAP joined to Windows Server; I have the same configuration, and the only option that differs is the Initial Template chosen when a new LDAP server is added: Microsoft AD for Windows Server and OpenLDAP for Linux.
            In turn, I am going to export the server and put the FQDN of the LDAP server.

            image (6).png image (5).png

              stephenw10 Netgate Administrator
              last edited by Feb 20, 2025, 6:14 PM

              Hmm, so it does bind if you remove encryption and authentication?

              Does the server show an error when it tries to query the OUs?

                isaaclondo09 @stephenw10
                last edited by Feb 20, 2025, 7:36 PM

                @stephenw10
                Exactly, if I remove the option for both LDAP in Windows and Linux it works. The situation is that you must have the administrator user so that you can find the OUs, and with UCS the error appears.

                  stephenw10 Netgate Administrator
                  last edited by Feb 20, 2025, 9:20 PM

                  Hmm, what's different in pfSense? You can't login as an admin user?

                  You don't have to 'discover' OUs, you can just enter the query directly.

                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.