Problem with LDAP and User rights
-
Hi,
We created a user called test in our pfSense. We put him in the admin group, so he now has full admin rights. But if we log in with this user, the message "no page assigned to this user. click here to logout" is shown. What are we doing wrong?
Our second problem is the configuration with our LDAP server.
We have tied up the LDAP server. The user login works fine, but only the login. Assigning user rights isn't possible. The same message as in our first problem appears. To explain: we created a group in pf with the same name as on the LDAP server (temp_test) and assigned rights to this group. But it didn't work either. So, we are a bit clueless.
Another question: is there good documentation somewhere on the web about pf and LDAP?
-
myxir,
As for your first problem, I'm not sure. I created a test user, assigned him the admin group, and was able to log in to the admin page just fine. Maybe the test user is disabled?
As for your second problem: when using LDAP, I've found that you cannot control or assign group rights within pfSense. You are using LDAP against your DC (I'm assuming, and that you are using RADIUS) and therefore your DC is going to take care of any permissions. If you want your pfSense to manage the users/groups, you will need to manually create each user/group. I may be wrong, but this is what I've found.
Overall, what is your goal? Are you simply trying to set up VPN and authenticate users against Active Directory?