Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    LDAP Server Settings - Port Value

    Scheduled Pinned Locked Moved webGUI
    17 Posts 2 Posters 5.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      shon
      last edited by

      I'm trying to change the Port Value, under the LDAP Server Settings from 389.

      I change the "Port Value" from 389, to 1389, hit save, and then reload the page to still see port 389 selected.

      What am I doing wrong here?

      Thanks!

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Looks like it's just cosmetic. The right value is put into the config it's just not reflected in the GUI.

        quick fix here:
        https://github.com/bsdperimeter/pfsense/commit/230b3b1b6564063834d132d788484509c86eb39f

        Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • S
          shon
          last edited by

          Thanks but it breaks the GUI.ย  I've tried the configuration twice on two new rebuilds to confirm.

          To see the LDAP fields I have to hit the drop box and go down to RADIUS, and then backup to LDAP again.

          After you enter in all of the information you cannot edit it again as the fields and drop boxes (RADIUS/LDAP) are inaccessible thereafter.

          Thanks!

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            I'm not seeing that here. Are you sure you added the right code in the right place? I get all of the ldap values as expected and do not have to change anything.

            Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • S
              shon
              last edited by

              All aboard the failboat

              I was actually adding the "+" signs

              dough!

              All is well now after I removed the + signs

              Thanks!

              1 Reply Last reply Reply Quote 0
              • jimpJ
                jimp Rebel Alliance Developer Netgate
                last edited by

                That would do it. :-)

                Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                Need help fast? Netgate Global Support!

                Do not Chat/PM for help!

                1 Reply Last reply Reply Quote 0
                • S
                  shon
                  last edited by

                  Ahh spoke to soon.

                  The LDAP Server Setting Port value is holding at 1389, but the "authentication testing" under diagnostics is still trying to use port 389.

                  Any ideas?

                  Thanks!

                  1 Reply Last reply Reply Quote 0
                  • jimpJ
                    jimp Rebel Alliance Developer Netgate
                    last edited by

                    The auth test doesn't specifically reference anything, it just calls the same auth function as it would if someone were logging in, and that code references the port used in the config specifically so long as it exists.

                    What is leading you to believe that it's still using the wrong port at that point?

                    Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                    Need help fast? Netgate Global Support!

                    Do not Chat/PM for help!

                    1 Reply Last reply Reply Quote 0
                    • S
                      shon
                      last edited by

                      I ran tcpdump on my LDAP Server with the following commands:

                      e.g.

                      tcpdump -i eth0 host PFSENSEIP and port 389

                      tcpdump -i eth0 host PFSENSEIP and port 1389

                      When I hit "Test" from Diagnostics > Authentication with my LDAP Description name selected I only see traffic hitting on port 389 and never on 1389 as previously defined in Port value.

                      1 Reply Last reply Reply Quote 0
                      • jimpJ
                        jimp Rebel Alliance Developer Netgate
                        last edited by

                        aha, it appears PHP's ldap_connect() ignores the port we pass because we pass a URL in the first parameter. So we need to add the port onto the URL.

                        Like so:
                        https://github.com/bsdperimeter/pfsense/commit/4d89e4d7818610aba44dceb3644cb2bb720bca30

                        Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                        Need help fast? Netgate Global Support!

                        Do not Chat/PM for help!

                        1 Reply Last reply Reply Quote 0
                        • S
                          shon
                          last edited by

                          I grabbed the git repository and then copied the auth.inc file over to the pfsense server.

                          Now when I go to Section besides the main page I get the following error:

                          "Fatal error: Call to undefined function get_configured_ipv6_addresses() in /etc/inc/auth.inc on line 143

                          Thanks!

                          1 Reply Last reply Reply Quote 0
                          • jimpJ
                            jimp Rebel Alliance Developer Netgate
                            last edited by

                            You want the file from the RELENG_2_0 branch, not the master branch.

                            Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                            Need help fast? Netgate Global Support!

                            Do not Chat/PM for help!

                            1 Reply Last reply Reply Quote 0
                            • jimpJ
                              jimp Rebel Alliance Developer Netgate
                              last edited by

                              https://raw.github.com/bsdperimeter/pfsense/4d89e4d7818610aba44dceb3644cb2bb720bca30/etc/inc/auth.inc

                              Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                              Need help fast? Netgate Global Support!

                              Do not Chat/PM for help!

                              1 Reply Last reply Reply Quote 0
                              • S
                                shon
                                last edited by

                                Thanks

                                I get the same error I previously stated when going down to "Authentication".ย  Everything else is working as expected.

                                1 Reply Last reply Reply Quote 0
                                • jimpJ
                                  jimp Rebel Alliance Developer Netgate
                                  last edited by

                                  Which error is that now?

                                  Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                                  Need help fast? Netgate Global Support!

                                  Do not Chat/PM for help!

                                  1 Reply Last reply Reply Quote 0
                                  • S
                                    shon
                                    last edited by

                                    After applying your latest change outside of the main repository I restarted the server, went for a walk, and came back and now I get no errors.

                                    When I go to Diagnostics > Authentication

                                    I can now see the pfsense box trying to communicate on the right port now!

                                    My LDAP authentication passed with my users that I had setup!

                                    Thanks!

                                    1 Reply Last reply Reply Quote 0
                                    • jimpJ
                                      jimp Rebel Alliance Developer Netgate
                                      last edited by

                                      Good news then :-)

                                      Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                                      Need help fast? Netgate Global Support!

                                      Do not Chat/PM for help!

                                      1 Reply Last reply Reply Quote 0
                                      • First post
                                        Last post
                                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.