LDAP users can't login from GUI

l.ansaloni · February 26, 2021, 08:54:51 AM

I use the version :
OPNsense 20.1.8_1-amd64
FreeBSD 11.2-RELEASE-p20-HBSD
LibreSSL 3.0.2

I have setup the LDAP server for opnsense Web GUI login by using the step from documentation:
https://docs.opnsense.org/manual/how-tos/user-ldap.html
with Read properties and Synchronize groups option active in LDAP server setting.

User import to local users database with success.
User assign to local admins group with success.
From the console:

Code Select

root@firewall:~ # cat /etc/group
...
admins:*:1999:root,l.ansaloni
...

When I test the user authentication in System\Access\Tester, everything find and no error.
I got the result message:
This user is a member of these groups:
admins

When I try to login in the Web GUI, I loop in the login page and the user has being kick out of the admins group.
from the console:

Code Select

root@firewall:~ # cat /etc/group
...
admins:*:1999:root
...

Do anyone have the same problem?

l.ansaloni · March 04, 2021, 05:23:13 PM

I update to versione 21.1:

Code Select

OPNsense 21.1-amd64
FreeBSD 12.1-RELEASE-p12-HBSD
OpenSSL 1.1.1i 8 Dec 2020

but the problem persist.

mimugmail · March 04, 2021, 07:58:45 PM

Dont use synchronize groups

LDAP users can't login from GUI

l.ansaloni

February 26, 2021, 08:54:51 AM

l.ansaloni

March 04, 2021, 05:23:13 PM #1

mimugmail

March 04, 2021, 07:58:45 PM #2