Bug #4892
closed
LDAP Windows 2012 R2
0%
Description
I have an existing Active Directory domain and I recently added another AD Server in my existing domain. Existing servers are Windows 2008 R2 and my new one is Windows 2012 R2. When I change my existing working LDAP configuration in pfSense to point to the 2012 R2 DC and press the button for select authentication containers I get an error "Could not connect to the LDAP server. Please check your LDAP configuration." If then go back to the Settings tab and go to the authentication server drop down and press the save and test button I get this.
Attempting connection to
192.168.200.27
OK
Attempting bind to
192.168.200.27
OK
Attempting to fetch Organizational Units from
192.168.200.27
failed
pfSense is able to connect and bind hjust fine but whatever the fetching on Organization units is it fails on. I cant find anything else in the logs to indicate where the issues is. If I change nothing else but change the IP to the old server (192.168.200.26) everything works. Am i doing something wrong or is this an incompatibility with Windows 2012 R2?
Updated by Jim Pingle over 8 years ago
- Status changed from New to Rejected
This should be on the forum first for discussion until/unless a bug is confirmed.
That said, I hit something recently where even though anonymous binds were configured, my browser or a plugin had pre-filled login info into the bind credentials box which caused the bind to fail since the credentials were wrong. If you have anonymous binds active, check the box to provide bind credentials, clear out the input fields, then uncheck the box again and try to select the containers.
Even if that is not the same case, if it works against one it should work again the other unless there is a configuration issue with your settings or the AD server.
Updated by Adam Esslinger over 8 years ago
I do not have anonymous binds enabled. I have a domain user & password specified. The tests shows that connect and bind are successful.
Updated by Kill Bill over 8 years ago
Using LDAP with OUs and 2012 R2 in multiple places. Definitely not a generic issue.