Netgate Discussion Forum

User Manager with LDAP

2.0-RC Snapshot Feedback and Problems - RETIRED
  • S
    sws
    last edited by Dec 8, 2010, 9:55 AM

    Hi all

    On "System: Authentication Servers" I added my ldap server
    On "Diagnostics: Authentication" I tested many users and all are ok

    But each time on "System: User manager settings", when I choose the LDAP server in "Authentication Server" and click save and test, it gives me this message:

    "The test was not performed becuase it is supported only for ldap based backends."

    I used wireshark on my ldap server and found that the pfSense can reach ldap successfully and can retrieve data from it successfully too.

    Why can I not see users on "System: Authentication Servers"?

    I want to see a list of users in order to add a certificate for them individually for OpenVPN usage.

    Thanks.

    • J
      jimp Rebel Alliance Developer Netgate
      last edited by Dec 8, 2010, 3:28 PM

      Getting a user list and managing certificates for LDAP/RADIUS users isn't supported. (Not sure if that's 'yet' or 'ever' though). Not sure about the auth test bit though.

      Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

      Need help fast? Netgate Global Support!

      Do not Chat/PM for help!

      • E
        eri--
        last edited by Dec 8, 2010, 3:46 PM

        The error message should be fixed.
        The other side is to create the user yourself and add the certificate. IIRC it will use it.

        • S
          sws
          last edited by Dec 8, 2010, 4:07 PM

          In OpenVPN advanced server the certificate is created for each user automatically.

          I have no problem with creating the certificate for each user manually, but how would I pair a user on LDAP with a certificate?

          From what I understood, this is not possible at all - at least now - on pfSense, right?

          • J
            jimp Rebel Alliance Developer Netgate
            last edited by Dec 8, 2010, 4:09 PM

            Well we don't let you pick a remote authentication mode in an SSL/TLS mode for starters, so you can't use LDAP and have certificate-based auth.

            You could just make certificates in the certificate manager by hand and just make the common name the same as the usernames. That would work fine, it just doesn't show any kind of association.

            In our user manager the association is only there as a convenience.

            • S
              sws
              last edited by Dec 8, 2010, 8:20 PM

              @jimp:

              Well we don't let you pick a remote authentication mode in an SSL/TLS mode for starters, so you can't use LDAP and have certificate-based auth.

              What do you mean by starters?

              • J
                jimp Rebel Alliance Developer Netgate
                last edited by Dec 8, 2010, 8:25 PM

                As in one of several reasons it doesn't work as it stands now. The starting reason (or main reason).
