LDAP Auth - 'Username Alterations' don't work if 'User naming attribute' is…



  • I've run into an issue with the LDAP server, and I'd like someone to test and confirm if possible.

    I have an AD LDAP server set up, which pfsense quite happily queries. I've changed the samAccountName to userPrincipalName (as I'm creating new users for VPN logins & can't use the same samAccountName for two different users).

    User Example: samAccountname=test, upn=test@test.com

    If I test the authentication using the samAccountName, with the User Naming attribute unchecked it works. (sam=test)
    If I test the authentication using the userPrincipalName, with the User Naming attribute checked it works. (upn=test@test.com)

    If I test the authentication using the userPrincipalName, with the User Naming attribute unchecked it fails. (upn=test or upn=test@test.com)

    Could someone test this, or am I doing something wrong?

    Thanks,
    Matthew

