New access interface and LDAP

Started by haaa, January 31, 2025, 09:50:51 AM

https://forum.opnsense.org/index.php?topic=45606.msg234376#msg234376

With this we can continue to use our old workflow, creating users from LDAP/AD for OpenVPN.

But in fact it just creates the users from LDAP as users in OPNsense, as Cedrik wrote, so there might be a problem like you create them, @itngo

Quote from: Monviech (Cedrik) on April 16, 2025, 08:38:11 AM
So it seems like the LDAP browser was not really necessary then, the true requirement is an automatic user sync based on the search query of the LDAP servers?

Any idea when and if this will be implemented?

No info, and there is no ticket on GitHub describing the exact issue that needs to be solved.

Essentially a user does not have to exist in the user manager, the authentication also works if the user does not exist in there.

For OpenVPN the only requirement is a certificate with the username in the CN, and that can be created without needing a user.

Only if 2FA comes into play the user must exist literally in the users.

There's also the new user portal in the business edition that automates even certificate creation if a user logs in there.
Hardware:
DEC740