Incorrect LDAP setup causing Gui lockout


  • Please help, I was playing with LDAP on PFSense 2.0 and entered incorrect settings after saving the gui is only somewhat accessible, I can get to the dashboard when logging in as admin and I can get to the usertab of the Usermanager,

    Any other tab and page is inaccessible. I need to set authentication back to local. I have tried to reset the gui and I rebooted with no luck.

    Does anybody know where I would go to fix this via the shell?

    Tx


  • Not sure if you can access your webgui, mine was taking about 1 minute + to load a page. Anyways I changed my authentication provider back to Local Dababase.

    Check out my post here - http://forum.pfsense.org/index.php/topic,43802.msg226920.html#msg226920


  • Same problem here, i was testing ldap authentication with a Windows 2008R2 Domain Controller and had the test-dc shut down: i was barely able to login to the system. I suppose it's due to the fact that almost every page you visit the system checks if the user is ok.
    According to http://doc.pfsense.org/index.php/User_Manager "If you are using an LDAP server and the authentication server times out, the system will fall back to using pfSense's built-in authentication" so I think this could be solved lowering the ldap timeout but i havent found an option for it.

    Generally I think this should be changed: the ldap user connection could be used for authenticating VPN users but having the ldap server down shouldnt be disruptive for the whole firewall system.

    EDIT according to system log, it looks like everytime the system try to check which group the user belongs to:

    php: /system.php: ERROR! ldap_get_groups() could not bind to server test 2008.