Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Incorrect LDAP setup causing Gui lockout

    Scheduled Pinned Locked Moved webGUI
    3 Posts 3 Posters 2.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      goodenz
      last edited by

      Please help, I was playing with LDAP on PFSense 2.0 and entered incorrect settings after saving the gui is only somewhat accessible, I can get to the dashboard when logging in as admin and I can get to the usertab of the Usermanager,

      Any other tab and page is inaccessible. I need to set authentication back to local. I have tried to reset the gui and I rebooted with no luck.

      Does anybody know where I would go to fix this via the shell?

      Tx

      1 Reply Last reply Reply Quote 0
      • N
        nutt318
        last edited by

        Not sure if you can access your webgui, mine was taking about 1 minute + to load a page. Anyways I changed my authentication provider back to Local Dababase.

        Check out my post here - http://forum.pfsense.org/index.php/topic,43802.msg226920.html#msg226920

        1 Reply Last reply Reply Quote 0
        • E
          Ecio
          last edited by

          Same problem here, i was testing ldap authentication with a Windows 2008R2 Domain Controller and had the test-dc shut down: i was barely able to login to the system. I suppose it's due to the fact that almost every page you visit the system checks if the user is ok.
          According to http://doc.pfsense.org/index.php/User_Manager "If you are using an LDAP server and the authentication server times out, the system will fall back to using pfSense's built-in authentication" so I think this could be solved lowering the ldap timeout but i havent found an option for it.

          Generally I think this should be changed: the ldap user connection could be used for authenticating VPN users but having the ldap server down shouldnt be disruptive for the whole firewall system.

          EDIT according to system log, it looks like everytime the system try to check which group the user belongs to:

          php: /system.php: ERROR! ldap_get_groups() could not bind to server test 2008.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.