Project

General

Profile

Actions

Feature #2869

closed

LDAP user authentication backend doesn't support membership lookups by querying the group

Added by Jan Christoph Ebersbach over 11 years ago. Updated almost 8 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
User Manager / Privileges
Target version:
-
Start date:
03/12/2013
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:

Description

As far as I understood the LDAP authentication backend, the group membership needs to be stored in an attribute of the user. This is the default for Active Directory but for other LDAP servers like OpenLDAP, a special memberOf-overlay needs to be activated. It would be very convenient if pfSense would be able to look up the group membership by 1. retrieving the user's DN and 2. querying the LDAP server for all groups the user is a member of (attributes memberUid or uniqueMember).

Actions

Also available in: Atom PDF