OpenVPN with LDAP Windows 2012 R2 domain "AUTH_FAILED"



  • Hi,

    I installed a pfsense with OpenVPN in bridge mode "tap". I get connected with a local account, but I cannot connect with Active Directory.

    Tue 16 September 2014 11:29:13 AUTH: Received control message: AUTH_FAILED
    Tue September 16 11:29:13 2014 SIGUSR1 [soft, auth-failure] received, process restarting

    My domain is a domain level 2012 R2.
    ping the servers OK. I can browse and select my OUs (in system> users manager> server)

    I have a similar setup with a 2003 domain, it works.

    Do you have any tips please?

    Thank you in advance,
    regards



  • can you post your sanitized ldap config?
    Are you using extended queries?

    one thing that made a difference in my domain is the extended query is in the format
    memberOf=CN=Groupname,CN=Users,DC=domainname,DC=com
    and not
    CN=Groupname,OU=MyGroups,DC=example,DC=com

    Also group member attribute is set to memberOf



  • Hi,

    Thank you for your reply.

    I do not use groups, it is not mandatory? OU contains only users …
    Attached screenshot ...




  • Hello,

    It's okay.

    The problem was my configuration (User naming attribute / group naming attribute). It was incorrect.

    Attached screenshot (good configuration) to compare with the previous.

    Thank you so much!




  • I think the group member attribute is what is causing most people's issues with ad/ldap.

    Glad you got it working. :)
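
Added example (not part of the thread, and not pfSense's own code): a sketch of how a user naming attribute and an extended query could combine into one LDAP search filter, rejecting the bare-DN form mentioned in the second reply. It assumes the two parts are ANDed together; `samAccountName` and the username `jdoe` are constructed sample values, and the function names are hypothetical.

```python
# RFC 4515 escapes for characters that have meaning inside a search filter.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    """Escape an untrusted value (the VPN username) before it enters a filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def check_extended_query(query: str) -> str:
    """Accept 'attribute=value' (e.g. memberOf=CN=...); reject a bare DN."""
    query = query.strip()
    attr, sep, value = query.partition("=")
    if not sep or not value:
        raise ValueError("extended query must look like attribute=value")
    # A query starting with CN=/OU=/DC= is a DN on its own: the directory would
    # be asked to match an attribute called 'CN' against the rest of the DN.
    if attr.strip().upper() in {"CN", "OU", "DC"}:
        raise ValueError("bare DN given; prefix it with 'memberOf='")
    return query


def build_user_filter(naming_attr: str, username: str, extended_query: str = "") -> str:
    """Build the filter used to find the account that is trying to log in.

    Assumption: the naming-attribute clause and the extended query are ANDed.
    The extended query is administrator-supplied and is not escaped here.
    """
    clause = f"({naming_attr}={escape_filter_value(username)})"
    if not extended_query:
        return clause
    return f"(&{clause}({check_extended_query(extended_query)}))"


if __name__ == "__main__":
    good = "memberOf=CN=Groupname,CN=Users,DC=domainname,DC=com"
    bad = "CN=Groupname,OU=MyGroups,DC=example,DC=com"
    print(build_user_filter("samAccountName", "jdoe", good))
    try:
        build_user_filter("samAccountName", "jdoe", bad)
    except ValueError as err:
        print("rejected:", err)
```

A naming attribute that does not hold the name the user types at the VPN prompt gives a filter that matches no entry, so the login fails even though the server is reachable and the OUs can be browsed.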

