User Manager and LDAP-Groups



  • Hello,

    I can not use LDAP groups. The ldap authentication works, but there is no mapping of the LDAP-Groups. When I try the "Diagnostics: Authentication Tool", the User authenticated successfully. But there are no Groups.
    I took many screenshots of the settings, maybe it helps. Please help me.

    Have a nice day!

    Samuel
    Here I get no groups

    Settings




    LDAP Browser





















  • Hello,

    I found the reason in the file auth.inc.
    I have created a patch. All "objectClass=posixGroup" are searched by the attribut memberUid. Perhaps there should be a possibility to set "objectClass=posixGroup" and "memberUid" on the web gui.

    Greetings

    Snowyrain

    ldap_groups.patch.txt



  • Hello,

    I'm facing similar problems in setting up LDAP authentication on the captive portal (pfsense 2.0.1).

    I applied your patch but the diag_authentication.php page seems to call ldap_get_groups() function twice. Once for the admin user that is logged in and the second time for the user I'm trying to test.

    Also, I do not find any code in the php files that authenticate captive portal logins to the LDAP. Have you come across something similar?

    Was wondering if you can help in this.

    Regards,
    Rajat



  • Hello rajatag,

    I don't use the captive portal. In the web-IF are only this options:

    WebCfg - Services: Captive portal page
    WebCfg - Services: Captive portal: Allowed IPs page
    WebCfg - Services: Captive portal: Allowed IPs page
    WebCfg - Services: Captive portal: Edit Allowed IPs page
    WebCfg - Services: Captive portal: Edit Allowed IPs page
    WebCfg - Services: Captive portal: Edit MAC Addresses page
    WebCfg - Services: Captive portal: File Manager page
    WebCfg - Services: Captive portal: Mac Addresses page
    WebCfg - Services: Captive portal Voucher Rolls page
    WebCfg - Services: Captive portal Vouchers page
    WebCfg - Status: Captive portal page
    WebCfg - Status: Captive portal test Vouchers page
    WebCfg - Status: Captive portal Voucher Rolls page
    WebCfg - Status: Captive portal Vouchers page

    So I don't think it is implmented in pfsense.

    @rajatag:

    Also, I do not find any code in the php files that authenticate captive portal logins to the LDAP. Have you come across something similar?


Locked