Project

General

Profile

Actions
Copy link

Feature #2869

closed

LDAP user authentication backend doesn't support membership lookups by querying the group

Added by Jan Christoph Ebersbach about 11 years ago. Updated about 7 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
User Manager / Privileges
Target version:
-
Start date:
03/12/2013
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:

Description

As far as I understood the LDAP authentication backend, the group membership needs to be stored in an attribute of the user. This is the default for Active Directory but for other LDAP servers like OpenLDAP, a special memberOf-overlay needs to be activated. It would be very convenient if pfSense would be able to look up the group membership by 1. retrieving the user's DN and 2. querying the LDAP server for all groups the user is a member of (attributes memberUid or uniqueMember).

Actions
Copy link
 #1

Updated by Kill Bill about 7 years ago

Not exactly sure what's missing here:

Actions
Copy link
 #2

Updated by Jim Pingle about 7 years ago

  • Status changed from New to Resolved

Yeah that's been in place for some time now

Actions
Copy link

Also available in: Atom PDF