User Authentication - Radius

  • I'm trying to get user authentication working on pfsense 2.2.2.

    We have a radius server that I have added the pfsense boxes to as clients

    We have two groups in AD, one for managers and one for operators

    I have created both groups in pfsense with the same names as in AD and I have assigned the appropriate privs to each of those groups in pfsense.

    I can test the authentication and it is successful but there are no pages displayed.

    I double checked the the privs for my group in pfsense and I have the same privs as the admin account but it's still not working for me.

    Even if I take out the groups in pfsense it still authenticates my user account. So that tells me it's not seeing my user account as being in that group in pfsense.

    How do I get it to associate my user account with the pfsense group? The pfsense group name is the exact same as the group name in AD that my user account is in.

  • There has to be something simple that I'm missing.

    Even if I create a group called Domain Users in pfsense (the same group my user account is in AD) It gets authenticated but no pages so it's still not associating my account with the pfsense group that has the privs linked to it.

  • So apparently they don't have the code in pfsense to do this just yet.

    You have to create a dummy account with the same user account name that is in AD and then add that dummy account to the group.

    Hope they get the code soon so you don't have to have dummy accounts.

Log in to reply