• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

LDAP authentication support

Scheduled Pinned Locked Moved General pfSense Questions
30 Posts 7 Posters 25.9k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • S
    sullrich
    last edited by Dec 28, 2005, 7:21 PM

    Get in touch with me on freenode, handle is GeekGod.

    Good work!

    1 Reply Last reply Reply Quote 0
    • J
      Juve
      last edited by Dec 29, 2005, 9:59 AM

      Ok ;-)

      So after many tests, LDAP authentication works with :

      • openLDAP
      • Fedora Directory Server (FDS=sunone)
      • Active Directory (W2K3)
      1 Reply Last reply Reply Quote 0
      • S
        sullrich
        last edited by Dec 29, 2005, 8:14 PM

        Next step is to integrate Auth for the web interface, then move on to captive portal, pppoe and such.  It actually should be pretty easy to do these portions.

        1 Reply Last reply Reply Quote 0
        • J
          Juve
          last edited by Dec 30, 2005, 12:55 PM

          Yes, and also to have php compiled with the ldap support on the next pfsense release ;-)

          1 Reply Last reply Reply Quote 0
          • S
            sullrich
            last edited by Dec 30, 2005, 5:59 PM

            No problem.

            1 Reply Last reply Reply Quote 0
            • J
              Juve
              last edited by Dec 30, 2005, 9:46 PM

              I saw on the CVS track timeline that compilation wasn't ok. What's up ? what is the problem ? Can we repair it ?

              1 Reply Last reply Reply Quote 0
              • S
                sullrich
                last edited by Dec 30, 2005, 9:53 PM

                Cannot compile LDAP in as static.

                Will address after the 1.0 release.

                1 Reply Last reply Reply Quote 0
                • J
                  Juve
                  last edited by Dec 30, 2005, 10:01 PM

                  Ok, contact me as soon as it is available ;-)

                  1 Reply Last reply Reply Quote 0
                  • J
                    Juve
                    last edited by Jan 2, 2006, 11:39 AM Jan 2, 2006, 11:37 AM

                    Hi ;-)

                    I have made a new version of the LDAP authentication function that allow the admin to specify a list of groups (memberOf in LDAP) where the authorized users should be.
                    In fact I wrote it because of Active Directory, it is easier for the admin to create a group and put authorized users into than creating a whole new OU.

                    So now, the admin of the Active directory can tell the function that only the "managers" and "business people" groups (of the OU of their dreams) can authenticate through the captive portal.

                    Tell me if you are interested Scott ;-)

                    1 Reply Last reply Reply Quote 0
                    • A
                      aldo
                      last edited by Jan 2, 2006, 1:43 PM

                      it sounds great do we think it will be compatable with openldap

                      1 Reply Last reply Reply Quote 0
                      • H
                        hoba
                        last edited by Jan 2, 2006, 1:53 PM

                        @Juve:

                        Ok ;-)

                        So after many tests, LDAP authentication works with :

                        • openLDAP
                        • Fedora Directory Server (FDS=sunone)
                        • Active Directory (W2K3)

                        I guess you have missed that message  ::)

                        1 Reply Last reply Reply Quote 0
                        • S
                          sullrich
                          last edited by Jan 2, 2006, 9:37 PM

                          @Juve:

                          Hi ;-)

                          I have made a new version of the LDAP authentication function that allow the admin to specify a list of groups (memberOf in LDAP) where the authorized users should be.
                          In fact I wrote it because of Active Directory, it is easier for the admin to create a group and put authorized users into than creating a whole new OU.

                          So now, the admin of the Active directory can tell the function that only the "managers" and "business people" groups (of the OU of their dreams) can authenticate through the captive portal.

                          Tell me if you are interested Scott ;-)

                          Sounds great.  When are you going to start integrating with pfSense? :)

                          1 Reply Last reply Reply Quote 0
                          • J
                            Juve
                            last edited by Jan 3, 2006, 6:45 AM

                            I will start it as soon as possible. First of all, I need to see how pfsense saves settings, then I will do the mfc changes, then I will call on you to build a release with php+ldap :-D

                            Let's go to work :-D

                            1 Reply Last reply Reply Quote 0
                            • J
                              Juve
                              last edited by Jan 3, 2006, 9:35 AM

                              That's done ;-)

                              I've modified the captive_portal page too, in order to use my function. Next step is LDAP support for Php ;-)

                              Pfsense roxxx !

                              1 Reply Last reply Reply Quote 0
                              • H
                                hoba
                                last edited by Jan 3, 2006, 9:58 AM

                                Awesome! You rock too  ;D

                                1 Reply Last reply Reply Quote 0
                                • ?
                                  Guest
                                  last edited by Jan 4, 2006, 1:28 AM

                                  All of you guys rock.  Even billm.

                                  1 Reply Last reply Reply Quote 0
                                  • B
                                    billm
                                    last edited by Jan 4, 2006, 1:34 AM

                                    @submicron:

                                    All of you guys rock.  Even billm.

                                    Nah, I don't rock, I stone.

                                    –Bill

                                    pfSense core developer
                                    blog - http://www.ucsecurity.com/
                                    twitter - billmarquette

                                    1 Reply Last reply Reply Quote 0
                                    • W
                                      wjoyce
                                      last edited by Jan 8, 2006, 9:44 PM

                                      Curious to know what the time frame is on LDAP support and what will be supported.  May I humbly suggest a FAQ just on LDAP support?

                                      1 Reply Last reply Reply Quote 0
                                      • S
                                        sullrich
                                        last edited by Jan 8, 2006, 9:45 PM

                                        1.1.  Not for a LONNNNNG time.

                                        1 Reply Last reply Reply Quote 0
                                        • W
                                          wjoyce
                                          last edited by Jan 8, 2006, 10:09 PM

                                          What are the issues?  I would like to help out on this front if I am capable.

                                          1 Reply Last reply Reply Quote 0
                                          29 out of 30
                                          • First post
                                            29/30
                                            Last post
                                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                                            This community forum collects and processes your personal information.
                                            consent.not_received