LDAP Server Settings - Port Value
-
I'm trying to change the Port Value, under the LDAP Server Settings from 389.
I change the "Port Value" from 389, to 1389, hit save, and then reload the page to still see port 389 selected.
What am I doing wrong here?
Thanks!
-
Looks like it's just cosmetic. The right value is put into the config it's just not reflected in the GUI.
quick fix here:
https://github.com/bsdperimeter/pfsense/commit/230b3b1b6564063834d132d788484509c86eb39f -
Thanks but it breaks the GUI.ย I've tried the configuration twice on two new rebuilds to confirm.
To see the LDAP fields I have to hit the drop box and go down to RADIUS, and then backup to LDAP again.
After you enter in all of the information you cannot edit it again as the fields and drop boxes (RADIUS/LDAP) are inaccessible thereafter.
Thanks!
-
I'm not seeing that here. Are you sure you added the right code in the right place? I get all of the ldap values as expected and do not have to change anything.
-
All aboard the failboat
I was actually adding the "+" signs
dough!
All is well now after I removed the + signs
Thanks!
-
That would do it. :-)
-
Ahh spoke to soon.
The LDAP Server Setting Port value is holding at 1389, but the "authentication testing" under diagnostics is still trying to use port 389.
Any ideas?
Thanks!
-
The auth test doesn't specifically reference anything, it just calls the same auth function as it would if someone were logging in, and that code references the port used in the config specifically so long as it exists.
What is leading you to believe that it's still using the wrong port at that point?
-
I ran tcpdump on my LDAP Server with the following commands:
e.g.
tcpdump -i eth0 host PFSENSEIP and port 389
tcpdump -i eth0 host PFSENSEIP and port 1389
When I hit "Test" from Diagnostics > Authentication with my LDAP Description name selected I only see traffic hitting on port 389 and never on 1389 as previously defined in Port value.
-
aha, it appears PHP's ldap_connect() ignores the port we pass because we pass a URL in the first parameter. So we need to add the port onto the URL.
Like so:
https://github.com/bsdperimeter/pfsense/commit/4d89e4d7818610aba44dceb3644cb2bb720bca30 -
I grabbed the git repository and then copied the auth.inc file over to the pfsense server.
Now when I go to Section besides the main page I get the following error:
"Fatal error: Call to undefined function get_configured_ipv6_addresses() in /etc/inc/auth.inc on line 143
Thanks!
-
You want the file from the RELENG_2_0 branch, not the master branch.
-
https://raw.github.com/bsdperimeter/pfsense/4d89e4d7818610aba44dceb3644cb2bb720bca30/etc/inc/auth.inc
-
Thanks
I get the same error I previously stated when going down to "Authentication".ย Everything else is working as expected.
-
Which error is that now?
-
After applying your latest change outside of the main repository I restarted the server, went for a walk, and came back and now I get no errors.
When I go to Diagnostics > Authentication
I can now see the pfsense box trying to communicate on the right port now!
My LDAP authentication passed with my users that I had setup!
Thanks!
-
Good news then :-)
