pfSense » pfSense Packages

Hi,

I use a virtual machine with pfSense 2.3.4 (amd64) with Squid package v0.4.37 (including squid 3.5.26).

I have to bind to an active directory, so in Services > Squid Proxy Server > Authentication I choose :

• LDAP
• IP of the DC
• Port 389
• LDAP version : 3
• LDAP Server User DN : CN=pfsensead,CN=Users,DC=corp,DC=lan
• LDAP Password : ****
• LDAP Base Domain : DC=corp,DC=lan
• LDAP Username DN Attribute : sAMAccountName
• LDAP Search Filter : (&(memberOf=CN=proxy-allow,OU=Service testé,DC=corp,DC=lan)(sAMAccountName=%s))

With this configuration an active directory user must be member of the group "proxy-allow" to be authenticated by Squid.

The issue is the accent "é" in the OU name.
I tried with no space in OU, it does not work.
I tried with space and no accent : it works.
I tried with no group and LDAP Search filter : "((sAMAccountName=%s)" : it work.

When I click on Save pfSense ignore modification.

I don't know if it's an encoding issue in the web interface or in the config file. And... I know it's a very bad idea to have an accent (or a space) in LDAP path, but I am not at the origin of this.

Regards