Messages

1

16.1 Legacy Series / Re: Using Active Directory for Authentication

« on: February 16, 2016, 12:55:39 am »

This isn't pfSense ;-)
Maybe a dev can clarify, but I believe it's not yet possible atm.

And check on IRC as well.

Didn't mean to offend, I'm just checking out the project and just wanted to know the nature of the authentication.
Thanks everyone for the info.

2

16.1 Legacy Series / Re: Using Active Directory for Authentication

« on: February 15, 2016, 06:43:28 pm »

I do have a user on the OPNsense box that is connected to my AD.
But it's been so long I can't remember exactly how I did it.

I'd have to create a new user in my AD and set that up in OPNsense to figure out how exactly I got it to work...

Yes I have it working this way. I'm looking to use only my AD to authenticate the user without having to duplicate the username on the local box. This is how it works in PfSense today.

3

16.1 Legacy Series / Re: Using Active Directory for Authentication

« on: February 15, 2016, 12:58:15 pm »

Only a home user here, so I kept it simple for myself.
I selected the Domain Admins under Authentication Containers in System:Access:Servers eq "OU=Domain Admins,DC=weust,DC=local" (without the quotes, since you can browse it).

Perhaps use a AD Global Group instead of a box group?

Thanks this didn't work for me. So the way you did it you didn't have to create a local yours on your OPNSense box correct corresponding to the domain account? That is what I'm trying to avoid doing if possible.

4

16.1 Legacy Series / Re: Using Active Directory for Authentication

« on: February 15, 2016, 12:19:46 am »

Just as another data point, if I create the user on the box and add them to the group I created with access to log in, then I can log in no problem. It is authenticating against AD because I purposely made the password different on the OPNSense database and it will not let me log in with that password. Seems to me create the user on my OPNSense box when the user is already created in AD seems like double work. Is this the expected behavior?

5

16.1 Legacy Series / Using Active Directory for Authentication

« on: February 14, 2016, 09:36:46 pm »

Hello all, I am coming from PfSense where I had my box authenticating against my Domain Controller using Active Directory. I have it essentially following this guide https://forum.pfsense.org/index.php?topic=44689.0. I created the group on the box and assigned the privileges I wanted the group to have but when I log in I get the message that the user has no page has been assigned. When I use the tester, the users are authenticating correctly. I am using the current version  16.1.2 64bit. It is like the group of the user logging in is not being passed back to OPNSENSE, any help would be appreciated.


Thanks,

6

15.1 Legacy Series / Re: vmware install

« on: February 03, 2015, 11:38:00 pm »

I installed it on ESXi 5.1 with no issues. It got stuck at 67% for a while but then installed fine. When I got the screen to reboot the server the installer got to an error so I had to manually restart but all is good now.

Just doing some A B comparisons between this and OPNsense. Looks good so far and the performance seems to be about the same. Was having some issues with DHCP but not sure if it is me or OPNSense will report back later.