OpenLdap with CP. Authentification problem.
-
Hi,
First my english is not perfect so please forgive my errors !
I'll try to short things up.
Main goal :
I have an openLdap running and I would like to use the users of my ldap in the Pfsense's captive portal(CP).
–-
Everything is in virtual.
So to configure my openldap, i made a really simple one, on ubuntu 9.04, migrated some user/group/pass from the old Nis server, and i administrate this with Phpopenldap.
I have my Pfsense 2.0 running nothing special to say.
So here are some screen to see where i am in this project.
So connection with openldap works and he also find OU. My user are in the OU people.
–-
So now a test :
So the password for john is password! AM I LYING ? I don't think so let's see on Phpopenldap :
–-
So you actually see the problem i have.
Authentification with Openldap does not work.
I am not sure i gave enought Information to solve the problem but ask me more if you want to help me !
-
Hmm today i reinstalled all,
and strangely, John works with the authentification tools in pfsense, but doesnot throught the CP i got this error :
Invalid credentials specified. Invalid credentials specified. Invalid credentials specified. Invalid credentials specified.
Someone knows ?
-
I've noticed a lot of the times where the backend may not be case sensitive for the login ID, the front end may be. Make sure that when you're typing John, it's exactly as it appears in the ldap entry.
Hmm today i reinstalled all,
and strangely, John works with the authentification tools in pfsense, but doesnot throught the CP i got this error :
Invalid credentials specified. Invalid credentials specified. Invalid credentials specified. Invalid credentials specified.
Someone knows ?
-
Nop it's not that Heavy.
So the problem is different now: the PFSENSE auth tools works :
But not the Captive Portal :
I added a wireshark screen, i don't really understand it :
-
bump
-
CP does not yet support authenticating through ldap.
Possibly for 2.1 it will be added. -
you mean 2.0 doesn't work with openldap ??? or 1.2.3 ?
I use the Non stable one 2.0, and atm i will try to use new released one.
-
No, i mean CP cannot authenticate directly to ldap while it can with radius or local users of pfSense.
pfSense it self, the management GUI, can authenticate with ldap. So can some of the services in the installation like openvpn.
-
Ok really thanks for the reply, i have been searching over and over to find a solution, i thought i was doing something wrong somewhere, so it's just not yet working ! ! I will install a freeradius and test it, and give some news here!
Thanks again.
