LDAP/AD permissions, nested security groups?



  • We have a pfSense 2.1.5 firewall using AD to authenticate admin users. It works great when users are in the primary security group, but if we nest security groups in AD the users are unable to log in. A major goal of this infrastructure is to have role-based authentication, so utilizing security groups in this manner makes it easier to manage from AD.

    I finally found a patch that hasn't had any traction on it in over two years: https://redmine.pfsense.org/issues/1009

    Does anybody have any insight on this?

