OPNsense Forum

Archive => 20.1 Legacy Series => Topic started by: dleung01 on July 08, 2020, 05:28:40 pm

Title: Web GUI ldap users login error
Post by: dleung01 on July 08, 2020, 05:28:40 pm
I use the version:
OPNsense 20.1.8_1-amd64
FreeBSD 11.2-RELEASE-p20-HBSD
LibreSSL 3.0.2

I have set up the LDAP server for OPNsense Web GUI login by using the steps from the documentation:
https://docs.opnsense.org/manual/how-tos/user-ldap.html
with the Read properties and Synchronize groups options active in the LDAP server settings.

User imported to the local users database with success.
User assigned to the local admins group with success.
When I test the user authentication in System\Access\Tester, everything is fine and there is no error.
I got the result message:
This user is a member of these groups:
admins

When I try to log in to the Web GUI, I loop on the login page and the user has been kicked out of the admins group.

Does anyone have the same problem?

Title: Re: Web GUI ldap users login error
Post by: l.ansaloni on February 26, 2021, 08:45:51 am
I have the same problem with version:
OPNsense 20.7.8_4-amd64
FreeBSD 12.1-RELEASE-p12-HBSD
OpenSSL 1.1.1i 8 Dec 2020

I add to what dleung01 said from the console:
Code:
root@firewall:~ # cat /etc/group
...
admins:*:1999:root,DomainAdmins
...

When I add the user l.ansaloni to the admin group I see this:
Code:
root@firewall:~ # cat /etc/group
...
admins:*:1999:root,DomainAdmins,l.ansaloni
...

If I try to log in with the l.ansaloni user, I loop on the login page and the user has been kicked out of the admins group:
Code:
root@firewall:~ # cat /etc/group
...
admins:*:1999:root,DomainAdmins
...