Author Topic: Adding LDAP Users?  (Read 4736 times)

cclloyd

« on: December 31, 2018, 01:57:00 am »
I was following the docs on how to add LDAP auth to OPNsense. I added an LDAP server and, using the tester, I authenticated against it successfully.

But how do I go about adding an LDAP user to OPNsense? I tried going to System -> Access -> Users but I don't see a cloud import icon anywhere.

ruggerio

« Reply #1 on: December 31, 2018, 06:18:16 am »
It will not import the users.

OPNsense will query the users against the LDAP server, depending on how you configured it. You can use it, e.g., as a VPN backend. If you want users to be logged in on OPNsense via LDAP, you have to configure it in System, General and also use your LDAP source as the authentication backend. The default is the local database.
« Last Edit: December 31, 2018, 08:11:30 am by ruggerio »

franco

« Reply #2 on: January 02, 2019, 05:35:13 pm »
Importing LDAP users has only two use cases:

Associating OpenVPN certificates for them.
Allowing GUI or shell access.

The import is a snapshot as it only syncs manually when you import. It is by all means only a convenience feature and not a requirement unless you need one of the two use cases above.


Cheers,
Franco

alh

« Reply #3 on: March 12, 2019, 04:13:58 am »
I have exactly this use case: I would like to link client certificates to LDAP users. But the cloud import icon mentioned in the docs is not visible! Am I missing something here?

alh

« Reply #4 on: March 12, 2019, 04:20:15 am »
OK, found it. Contrary to the docs, you need to first enable the LDAP server under System > Settings > Administration > Authentication > Server. Only then will the import icon show.

alh

« Reply #5 on: March 12, 2019, 04:23:41 am »
However, it seems to ignore the user name setting defined, e.g. for AD it always picks sAMAccountName. I would like to use userPrincipalName instead...

alh

« Reply #6 on: March 12, 2019, 04:34:15 am »
Oh well, in the source I see that you are stripping off the @domain part. So never mind.
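
An added example, not part of the thread and not OPNsense code: because the import is a manual snapshot (Reply #2) and the @domain part is stripped from the login (Reply #6), this check compares a current directory listing with the locally imported names and reports local accounts that no longer have a directory entry, plus logins from different domains that collapse to the same local name. The function names, the case-insensitive comparison and all sample data are assumptions made for illustration.

```python
from collections import defaultdict


def local_name(login: str) -> str:
    """Assumed mapping: keep the part before '@', compared case-insensitively."""
    return login.split("@", 1)[0].strip().lower()


def audit_import(directory_logins, imported_users):
    """Compare a current directory listing with the imported snapshot.

    Returns (stale, collisions, not_imported):
      stale        local names with no matching directory entry any more
      collisions   local name -> directory logins that collapse to it
      not_imported directory names that have no local account
    """
    by_name = defaultdict(set)
    for login in directory_logins:
        by_name[local_name(login)].add(login)
    directory_names = set(by_name)
    local = {user.strip().lower() for user in imported_users}

    stale = sorted(local - directory_names)
    collisions = {n: sorted(v) for n, v in by_name.items() if len(v) > 1}
    not_imported = sorted(directory_names - local)
    return stale, collisions, not_imported


# Constructed sample data: userPrincipalName values from a directory export
# and the user names present locally after an earlier manual import.
DIRECTORY = [
    "alice@corp.example",
    "bob@corp.example",
    "alice@lab.example",   # second domain, same name once '@domain' is stripped
    "dave@corp.example",   # created in the directory after the import
]
IMPORTED = ["alice", "bob", "carol"]  # carol has since left the directory

if __name__ == "__main__":
    stale, collisions, not_imported = audit_import(DIRECTORY, IMPORTED)
    print("stale local accounts:", stale)
    print("colliding logins:", collisions)
    print("not yet imported:", not_imported)
```

Stale entries matter most for the two use cases named in Reply #2, since a local account that outlives its directory entry can still hold an OpenVPN certificate association or GUI/shell access.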
