Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Dansgurdian AD FilterGroups

    Scheduled Pinned Locked Moved pfSense Packages
    4 Posts 3 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jamesk
      last edited by

      I'm trying to configure Dansgurdian to pull user from Active Directory and load them into filtergroups, but I don't know how to make this work.

      I have tried configuring the LDAP section of Dansgurdian but cannot seem to make it load users from my AD groups…. I'm not sure that it even support AD.  I have attached a screen shot of my config.

      While researching this problem I ran across this article http://techblog.roethof.net/open-source/dansguardian-and-active-directory/ which seem simple enough to implement but every time I reboot PFSense, dansgurdian's filtergroups file (\usr\local\etc\dansgurdian\lists\filtergroupslist) is over written and my changes lost.

      Thoughts suggestions?

      Thanks!
      ![ScreenHunter_32 Jan. 11 20.37.jpg](/public/imported_attachments/1/ScreenHunter_32 Jan. 11 20.37.jpg)
      ![ScreenHunter_32 Jan. 11 20.37.jpg_thumb](/public/imported_attachments/1/ScreenHunter_32 Jan. 11 20.37.jpg_thumb)

      1 Reply Last reply Reply Quote 0
      • marcellocM
        marcelloc
        last edited by

        Does your pfsense dns configuration can resolve local domains?

        Did you tried to configure the mask?

        Treinamentos de Elite: http://sys-squad.com

        Help a community developer! ;D

        1 Reply Last reply Reply Quote 0
        • N
          neil
          last edited by

          I recently got this working and notice two possible issues/differences in your screen dump.

          1. try putting the IP address of your pfsense box in the Hostname field

          2. in the username field DONT put dc entries.  ie all that I used was cn=Administrator,cn=users

          Also remember that your group names must match exactly corresponding group names in AD (including case).

          1 Reply Last reply Reply Quote 0
          • marcellocM
            marcelloc
            last edited by

            @neil:

            2. in the username field DONT put dc entries.  ie all that I used was cn=Administrator,cn=users

            Yes, just like suggested on field info.

            Treinamentos de Elite: http://sys-squad.com

            Help a community developer! ;D

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.