OPNsense Forum
Archive => 17.7 Legacy Series => Topic started by: narfight on August 28, 2017, 01:45:07 pm
-
Hello,
I tried to use "memberOf:1.2.840.113556.1.4.1941:=CN..." to get the list of users who are in nested groups for my VPN connection.
I use this configuration :
- Type : LDAP
- Hostname or IP address : 10.0.0.10
- Port value : 389
- Transport : TCP - Standard
- Protocol version : 3
- Bind credentials : User DN: MyCorp\LDAP
- Search scope : Entire Subtree
- Base DN : OU=Macell,DC=MyCorp,DC=org
- Authentication containers : DC=MyCorp,DC=org
- Extended Query : &(memberOf:1.2.840.113556.1.4.1941:=CN=TESTGROUP,OU=Remote Login,OU=00 Security Group,OU=Macell,DC=MyCorp,DC=org)
- User naming attribute : sAMAccountName
The reply contains the users who are direct members of TESTGROUP and ... the list of groups that are members of this group.
Can you confirm that it is possible to use "1.2.840.113556.1.4.1941" on OPNsense?
Thank you
-
Two errors in my config.
First: add "(objectCategory=person)" to my Extended Query.
Second: allow my user "LDAP" to read in all of DC!
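
Why the first query in this thread also returned groups, and what adding "(objectCategory=person)" changes, shown as an added example that is not part of the original posts. It models the in-chain match over a constructed directory (the VPN-Staff group, the alice/bob/carol entries and all function names are made up for illustration) and builds the Extended Query string in the form used in the post.

```python
IN_CHAIN = "1.2.840.113556.1.4.1941"  # OID from the post (AD in-chain matching rule)
TESTGROUP = "CN=TESTGROUP,OU=Remote Login,OU=00 Security Group,OU=Macell,DC=MyCorp,DC=org"
NESTED = "CN=VPN-Staff,OU=Macell,DC=MyCorp,DC=org"  # constructed nested group

# Constructed directory: DN -> simplified objectCategory label and direct memberOf values.
DIRECTORY = {
    TESTGROUP: {"objectCategory": "group", "memberOf": []},
    NESTED: {"objectCategory": "group", "memberOf": [TESTGROUP]},
    "CN=alice,OU=Macell,DC=MyCorp,DC=org": {"objectCategory": "person", "memberOf": [TESTGROUP]},
    "CN=bob,OU=Macell,DC=MyCorp,DC=org": {"objectCategory": "person", "memberOf": [NESTED]},
    "CN=carol,OU=Macell,DC=MyCorp,DC=org": {"objectCategory": "person", "memberOf": []},
}

def escape_filter_value(value):
    """Escape the characters RFC 4515 reserves inside a filter assertion value."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def extended_query(group_dn, persons_only=True):
    """Build the Extended Query as typed in the post (leading '&', no outer parentheses)."""
    clause = "(memberOf:%s:=%s)" % (IN_CHAIN, escape_filter_value(group_dn))
    return "&" + ("(objectCategory=person)" if persons_only else "") + clause

def in_chain(dn, group_dn, directory, seen=None):
    """True if dn is a direct or nested member of group_dn (walks memberOf upward)."""
    seen = set() if seen is None else seen
    for parent in directory.get(dn, {}).get("memberOf", []):
        if parent in seen:
            continue  # already visited: guards against circular group nesting
        seen.add(parent)
        if parent == group_dn or in_chain(parent, group_dn, directory, seen):
            return True
    return False

def matching_entries(group_dn, directory, persons_only):
    """Return the DNs this model selects for the query, sorted (exact-string DN compare)."""
    return sorted(
        dn for dn, entry in directory.items()
        if in_chain(dn, group_dn, directory)
        and (not persons_only or entry["objectCategory"] == "person")
    )

if __name__ == "__main__":
    for persons_only in (False, True):
        print(extended_query(TESTGROUP, persons_only))
        for dn in matching_entries(TESTGROUP, DIRECTORY, persons_only):
            print("   ", dn)
```

Without the person clause the nested group itself matches, because it is also a member of TESTGROUP; with it, only the direct and nested user entries remain.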