so, i ran into an interesting issue recently. I have a vpn access group defined, and recently, i had my webgui user account lose all of its groups, including the admin group and the vpn user group. this has happened sever times in the past as well. logs do not show any users changing the groups.
The only part that does this is LDAP group sync. So are you using an LDAP authentication binding? ;)
Cheers,
Franco
we are for other users. we don't for admin users atm. however, there is an ldap account with an identical username that is not imported to opnsense. is it still seeing that and overwriting?
Looks like the configuration is asking for trouble.
Cheers,
Franco
i guess i don't know enough about the LDAP integration to know. i'll probably end up separating my admin user from the VPN anyhow.