    Proxy server: Authentication with Active Directory

      nearones

      Dear experts, in the first screenshot I had configured proxy server authentication with my Active Directory.
      In LDAP server user DN : CN=administrator,CN=Users,DC=RFCL(my secondary DC),DC=mmclgroup(my primary DC),DC=com
      In LDAP password : My secondary DC Administrator password
      In LDAP base domain : OU=Accounts,DC=RFCL,DC=mmclgroup,DC=com (here in OU I had used the accounts dept. OU; in the same way I had 15 more OUs)
      The problem here is that if I use the Accounts OU, then only accounts dept. users are able to surf the internet and no other OU's users.
      In LDAP search filter : samAccountName=%s

      Now in the second screenshot I had used the DC user for the ACL, but here the users are not going through; users can access the full internet without restriction. Even if I do not use their names, users are still able to surf the internet unrestricted.

      Now in the third screenshot it prompts for the DC username, and it works and the user is able to surf, but as the user has already logged in to the machine with the DC user name, it should not prompt. The disadvantage is: suppose the user is logged in as DC user XYZ and, while surfing the internet, uses DC user ABC; then the log will be generated for ABC and not for XYZ.

      Please guide.

      Regards,
      Prashant Chauhan

      1 Reply Last reply Reply Quote 0
        dvserg

        SquidGuard Group ACL: Client names must be entered in quotes.

        SquidGuardDoc EN  RU Tutorial
        Localization ru_PFSense

        1 Reply Last reply Reply Quote 0
          nearones

          @dvserg:

          SquidGuard Group ACL: Client names must be entered in quotes.

          Sir, I had inserted the DC users' names with the quotes and I am able to browse via the ACL. But the problem for users of OUs other than the IT OU remains the same.
          This attachment shows my config. Please let me know what I should use in the LDAP base domain field instead of OU=IT,DC=RFCL,DC=mmclgroup,DC=com so that my other OU users are also able to browse.


          1 Reply Last reply Reply Quote 0
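
Added example, not part of the thread and not pfSense or Squid code: a small model of how an LDAP search base and scope decide which accounts a `samAccountName=%s` lookup can find, using the base DNs quoted in the posts. The user entries (`acct.user`, `it.user`), the helper names and the directory layout are constructed for illustration; the DN parser is simplified and ignores multi-valued RDNs.

```python
import re

# Constructed sample directory: sAMAccountName -> entry DN.
# The OU and DC components come from the thread; the user names are made up.
DIRECTORY = {
    "acct.user": "CN=Acct User,OU=Accounts,DC=RFCL,DC=mmclgroup,DC=com",
    "it.user": "CN=IT User,OU=IT,DC=RFCL,DC=mmclgroup,DC=com",
    "administrator": "CN=administrator,CN=Users,DC=RFCL,DC=mmclgroup,DC=com",
}

def parse_dn(dn):
    """Split a DN into lower-cased (attribute, value) pairs, leaf first."""
    pairs = []
    for rdn in re.split(r"(?<!\\),", dn):  # do not split on escaped commas
        attr, sep, value = rdn.partition("=")
        if not sep or not value.strip():
            raise ValueError(f"malformed RDN: {rdn!r}")
        pairs.append((attr.strip().lower(), value.strip().lower()))
    return pairs

def in_scope(entry_dn, base_dn, scope="sub"):
    """True if entry_dn is returned by a search rooted at base_dn.

    scope follows the usual LDAP meanings: 'base' is the base entry itself,
    'one' is its direct children, 'sub' is the base and everything below it.
    """
    entry, base = parse_dn(entry_dn), parse_dn(base_dn)
    depth = len(entry) - len(base)
    if depth < 0 or entry[depth:] != base:
        return False  # entry does not sit under the base at all
    return {"base": depth == 0, "one": depth == 1, "sub": True}[scope]

def lookup(sam_account_name, base_dn, scope="sub"):
    """Emulate the proxy's user lookup: filter on the name, limited by base and scope."""
    dn = DIRECTORY.get(sam_account_name.lower())
    if dn is not None and in_scope(dn, base_dn, scope):
        return dn
    return None  # user not found under this base, so authentication fails

if __name__ == "__main__":
    ou_base = "OU=Accounts,DC=RFCL,DC=mmclgroup,DC=com"
    domain_base = "DC=RFCL,DC=mmclgroup,DC=com"
    for user in DIRECTORY:
        print(user, "| OU base:", lookup(user, ou_base) is not None,
              "| domain base:", lookup(user, domain_base) is not None)
```

With the OU-level base only the Accounts entry resolves; a base at the domain components with subtree scope reaches entries in every OU, while a one-level scope at that base does not descend into the OUs.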