Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    LDAP auth creates constant queries

    webGUI
    3
    4
    629
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      Halandar last edited by

      Hi,

      i configured my pfsense, for ldap (SSL) user login. So i have ldap groups defined, for my vpn users, my pfsense admin users, and so on.
      It works perfectly fine, except, that if a admin user is logged into the pfSense WebGUI, the pfSense does constant storm of LDAP queries for the logged in user. I have no idea for what. It queries the logged in user for the groupmembership attriubte, and it gets an answer.
      What is the point in that? Is it a bug?

      Thank you
      best regards
      Halandar

      1 Reply Last reply Reply Quote 0
      • jimp
        jimp Rebel Alliance Developer Netgate last edited by

        It's how the auth system is designed, which is sort of a bug but not quite.

        Each time a client loads a page it re-checks the auth to make sure it's still valid, because it doesn't do a persistent LDAP session style login, only an immediate one-off access request.

        1 Reply Last reply Reply Quote 0
        • H
          Halandar last edited by

          Thank you! So would this issue be worth a bug report?
          Becourse for normal login, this behaviour makes sense, but not for ldap.

          1 Reply Last reply Reply Quote 0
          • C
            CDuv last edited by

            I've the same issue here: A LDAP server is configured (for VPN auth) but only using local account (admins) on webGUI.
            Moreover theses LDAP connections/lookup can breaks webGUI when LDAP server is down/unreachable (eg. down Internet connection): each page takes about 40-50 seconds to display: I'm guessing it's because LDAP queries that have to timeout before PHP script can continue…

            Others have already encountered the same timeout problem:

            • LDAP Timeout

            • Incorrect LDAP setup causing Gui lockout

            • Web GUI is super slow (SOLVED)

            1 Reply Last reply Reply Quote 0
            • First post
              Last post

            Products

            • Platform Overview
            • TNSR
            • pfSense
            • Appliances

            Services

            • Training
            • Professional Services

            Support

            • Subscription Plans
            • Contact Support
            • Product Lifecycle
            • Documentation

            News

            • Media Coverage
            • Press
            • Events

            Resources

            • Blog
            • FAQ
            • Find a Partner
            • Resource Library
            • Security Information

            Company

            • About Us
            • Careers
            • Partners
            • Contact Us
            • Legal
            Our Mission

            We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

            Subscribe to our Newsletter

            Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

            © 2021 Rubicon Communications, LLC | Privacy Policy