OpenVPN sudden LDAP Bind Error

Started by towatai, October 11, 2024, 09:46:42 AM

October 11, 2024, 09:46:42 AM Last Edit: January 24, 2025, 09:12:39 AM by towatai
Hello,

We have been using a virtualized OPNsense + OpenVPN with a connection to our local AD in conjunction with TOTP for our users for about half a year. This has worked wonderfully so far. Recently, we have had the problem that some users are unable to establish a VPN connection.

The OpenVPN log for the user shows: LDAP bind error [80090308: LdapErr: DSID-0C09050F, comment: AcceptSecurityContext error, data 52e, v4563; Invalid credentials]

However, the credentials are 100% correct. Even the LDAP test with user XY then fails. If we now delete the imported user from the OPNsense and import it again from our AD (previous OTP seed re-inserted), both the LDAP test and the login via OpenVPN+TOTP work perfectly for the user. Is this a known problem? Does anyone have a (permanent) solution? I don't feel like re-importing all ~70 accounts every few months ;)

The current version is 24.7.6, but the problem has existed since at least 24.7.3.

Edit:
Still exists on 24.7.11_2
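The error quoted in the post is Active Directory's standard bind-failure text, and the useful part is the "data" field: AD distinguishes a wrong password (52e) from a lockout (775), an expired password (532), a disabled account (533) and similar states that all surface to OpenVPN as the same generic "Invalid credentials". Checking that code is the first thing to do before re-importing a user. The decoder below is an added example, not code from the post or from OPNsense; the log lines it scans are constructed for illustration, the first one copied from the post, and the sub-error table holds the documented AD codes (not an exhaustive list).

```python
import re
from collections import Counter
from typing import Optional

# Sub-error codes Active Directory puts in the "data NNN" field of an
# AcceptSecurityContext bind failure (documented AD values; not exhaustive).
AD_BIND_DATA_CODES = {
    "525": "user not found",
    "52e": "invalid credentials (existing account, wrong password)",
    "530": "not permitted to log on at this time",
    "531": "not permitted to log on from this workstation",
    "532": "password expired",
    "533": "account disabled",
    "701": "account expired",
    "773": "user must reset password",
    "775": "account locked out",
}

# Matches the "LdapErr: DSID-..., comment: ..., data NNN, vNNNN" fragment.
BIND_ERROR_RE = re.compile(
    r"LdapErr:\s*DSID-(?P<dsid>[0-9A-Fa-f]+),"
    r"\s*comment:\s*(?P<comment>[^,]+),"
    r"\s*data\s+(?P<data>[0-9A-Fa-f]+),"
    r"\s*v(?P<version>[0-9A-Fa-f]+)"
)


def decode_ad_bind_error(line: str) -> Optional[dict]:
    """Return the decoded fields of an AD bind error in `line`, or None."""
    m = BIND_ERROR_RE.search(line)
    if not m:
        return None
    data = m.group("data").lower()
    return {
        "dsid": m.group("dsid"),
        "comment": m.group("comment").strip(),
        "data": data,
        "meaning": AD_BIND_DATA_CODES.get(data, "unknown sub-error code"),
    }


def summarize_bind_failures(lines) -> Counter:
    """Count bind failures per AD sub-error code across a batch of log lines."""
    counts: Counter = Counter()
    for line in lines:
        decoded = decode_ad_bind_error(line)
        if decoded is not None:
            counts[decoded["data"]] += 1
    return counts


# Constructed sample log lines (the first is the error text from the post).
SAMPLE_LOG = [
    "LDAP bind error [80090308: LdapErr: DSID-0C09050F, comment: "
    "AcceptSecurityContext error, data 52e, v4563; Invalid credentials]",
    "LDAP bind error [80090308: LdapErr: DSID-0C09050F, comment: "
    "AcceptSecurityContext error, data 775, v4563; Invalid credentials]",
    "LDAP bind error [80090308: LdapErr: DSID-0C09050F, comment: "
    "AcceptSecurityContext error, data 52e, v4563; Invalid credentials]",
    "openvpn: user alice authenticated via LDAP+TOTP",  # not a bind error
]

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        decoded = decode_ad_bind_error(line)
        if decoded:
            print(f"data {decoded['data']}: {decoded['meaning']}")
    print(dict(summarize_bind_failures(SAMPLE_LOG)))
```

If every failing user shows 52e rather than 775 or 532, the directory really is rejecting the password for that bind, so the next check is the bind itself (the DN/UPN OPNsense sends and the password it uses) rather than the account's lockout state.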