AD Group names with spaces or longer than 16 characters

  • I have pfsense using our corporate Active Directory server for authentication, and attempting to add some of these AD groups for different levels of authorization within the System: Group manager window.  I have come across the following two limitations:

    1. a Group's name cannot have more than 16 characters.
    2. a Group's name with a space doesn't seem to work

    Unfortunately, I do not have control over what the AD group names are as the domain serves upwards of 100k users.

    How might I be able to get around these two limitations within pfSense?

    I am currently on 2.1.4

  • you should post your settings
    Including but not limited to
    Extend queries set?
    Settings for
    User naming attribute   
    Group naming attribute   
    Group member attribute

  • samAccountName

    I should clarify that AD authentication works perfect for any AD groups that do not have spaces.  I found the exact LDAP settings for AD from another post here (not sure the exact post).

  • Are you using extended queries?

    You should post a screenshot of your config page.  Blank out anything you might feel is sensitive but do it in a way we can see all the strings.

    you can also try and escape the space with \20 and see if that works

    ou=OU WithSpace


    might  be %20 as escape for space. so would be ou=OU%20WithSpace

    if you need multiple groups to be searched the authentication container string should look similar to this

    I use extended queries for my vpn access and it looks like this

Log in to reply