Project

General

Profile

Actions
Copy link

Feature #16029

open

Add option to search for LDAP groups in the base DN

Added by David Benes about 1 year ago. Updated 4 days ago.

Status:
Feedback
Priority:
Normal
Assignee:
-
Category:
Authentication
Target version:
CE-Next
Start date:
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Plus-Next
Release Notes:
Default

Description

We are using OpenLDAP that we want to use for the OpenVPN authentication.
Idea is to allow only those users that are part of one specific group.
Groups and users are within separate LDAP tree. Users in ou=users,dc=test,dc=com and groups in ou=groups,dc=test,dc=com.
When configuring it this way in PFsense, we have found out that as there are separate searches for each container, the same is used also for group search.
Because of that the only way to make it work is to create group within the same tree/container as the user that is being logged in.

Actions
Copy link
 #1

Updated by Marcos M 11 months ago

  • Status changed from New to Pull Request Review
Actions
Copy link
 #2

Updated by David Benes 25 days ago

The same change is also necessary when configuring OpenLDAP as authentication server for pfSense itself.
Situation is the same also in version 2.8.1.

Actions
Copy link
 #3

Updated by Anonymous 4 days ago

  • Status changed from Pull Request Review to Feedback
  • % Done changed from 0 to 100
Actions
Copy link
 #4

Updated by Marcos M 4 days ago

  • Tracker changed from Bug to Feature
  • Subject changed from When using LDAP group filter, group has to be in the same LDAP container as the user to Add option to search for LDAP groups in the base DN
  • Target version set to CE-Next
  • Plus Target Version set to Plus-Next
  • Affected Version deleted (2.7.2)
Actions
Copy link

Also available in: Atom PDF