OPNsense Forum » English Forums » 24.1 Legacy Series » LDAP + Timebased OTP does not create user
Topic: LDAP + Timebased OTP does not create user (Read 647 times)

haebi5, May 17, 2024, 04:48:27 pm
Hi all
I have configured an Access Server with LDAP + Timebased OTP configuration. Logging into the portal ends up with the error: No page assigned to this user! Click here to logout.
The user name@domain is in the AD group "VPN", which I have created manually on the local user DB. The VPN group has assigned privileges to "System: User Password Manager".
The user is not created as described and stated in the wiki. It shows the same behaviour when I import the user with the cloud icon.
The log says:
/index.php: Successful login for user 'name@domain' from: IP
user name@domain authenticated successfully for WebGui [using OPNsense\Auth\Services\WebGui + OPNsense\Auth\LDAP]
What else am I missing?
Any help appreciated.
Best,
rene
Last Edit: May 20, 2024, 02:14:19 pm by haebi5

haebi5, Reply #1, May 23, 2024, 07:26:42 pm
I can confirm that it is working under the following condition:
System:Access:Servers:"User naming attribute" to [sAMAccountName]
Under the following condition it is not working:
System:Access:Servers:"User naming attribute" to [UserPrincipalName] (which is the email address)
It would be nice if the user would be able to log in everywhere with the same login name.

Patrick M. Hausen, Reply #2, May 23, 2024, 10:33:51 pm
Have you tried using [mail] instead of [UserPrincipalName]?

haebi5, Reply #3, May 25, 2024, 12:22:15 pm
Interesting approach.
The behaviour is slightly different. The prompt falls back to the empty login screen, with no visible error to the user.
The log says the user is authenticated; the user is not created.