No longer log into web gui with any user but admin
-
I have been running pfsense 2.0.1 for approximately 6 months. After shutting down to blow out the pc I can no longer login with any user besides the admin user. I can use openVPN and login to the shell, but when I attempt to login to the web GUI I get an error that there is no page assigned to this user. The user is an admin user, and I even created another user with admin privileges with no changes.
After creating the new user with no luck, I then went into the the user properties for the old existing user and selected all pages…
I have tried rebooting the router again, and have covered every area I can possibly think of to resolve this issue.
Only thing I can find in the logs is this...
php: /index.php: User logged out for user 'drogers' from: 10.0.0.139(drogers is the user I have been using since day 1 to access the web GUI)
I realize I may be lacking some important info, if there is anything else I need to post please let me know and I will get the information or logs.
-
I have the exact same problem.
Im using the default local database auth server.Testing the login on Diagnostics > Authentication gives me the result:
User: jfassad authenticated successfully.
This user is a member of these groups:
all adminsEverything looks fine except I can't login with the user.
EDIT: Running 2.0.1-RELEASE
-
I have managed to fix the problem.
I had to edit /etc/inc/priv.inc and comment lines 252 e 253
249 function getAllowedPages($username) { 250 global $config, $_SESSION; 251 252 // if (!function_exists("ldap_connect")) 253 // return;Im not using ldap and after inspecting the code, not thoroughly, I must admit. I don't think it will break anything.
I looked but couldn't find the function ldap_connect declaration anywhere. I wonder how it was working before the reboot. Maybe something got deleted during the reboot somehow.
Can anybody please check where is the function ldap_connect declared and tell me ?
regards,
Joao
-
Looks like the problem is that php ldap module was not loaded.
cat /var/run/php_modules_load_errors.txt
ldap did not load correctly. Removing from php.ini…
And here is why:
On /tmp/PHP_errors.log:
[12-Jul-2012 21:40:50] PHP Warning: PHP Startup: Unable to load dynamic library '/usr/local/lib/php/20060613/ldap.so' - Shared object "libsasl2.so.2" not found, required by "libldap-2.4.so.8" in Unknown on line 0I did not remove libsasl2.so.2 myself, but I have this feeling that I remember seeing libsasl being mentioned in some package I installed. I probably removed this package later and libsasl2.so.2 was removed by the script.
Are there any package install/remove logs that I can check ?
-
I have managed to fix the problem.
I had to edit /etc/inc/priv.inc and comment lines 252 e 253
249 function getAllowedPages($username) { 250 global $config, $_SESSION; 251 252 // if (!function_exists("ldap_connect")) 253 // return;I applied the fix above and it seemed to work for me as well. I also am not using LDAP and it would be nice if we could disable this completely or at least stop the module from loading.
-
knotbeerdan,
It seems the problem is that some package that you and had had installed and subsequently removed , ended up deleting libsasl which is a core dependency. Without libsasl installed php wont load the ldap module and will break the getAllowedPages function.
There is even an old bug report describing a similar case - http://redmine.pfsense.org/issues/875
-
Thanks for the info!