Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
17.7 Legacy Series
»
[SOLVED] LDAP/Active Directory and nested group
« previous
next »
Print
Pages: [
1
]
Author
Topic: [SOLVED] LDAP/Active Directory and nested group (Read 2127 times)
narfight
Newbie
Posts: 10
Karma: 1
[SOLVED] LDAP/Active Directory and nested group
«
on:
August 28, 2017, 01:45:07 pm »
Hello,
I tried to use "memberOf:1.2.840.113556.1.4.1941:=CN..." to get the list of users who are in nested group for my VPN connection.
I use this configuration :
Type
: LDAP
Hostname or IP address
: 10.0.0.10
Port value
: 389
Transport
: TCP - Standard
Protocol version
: 3
Bind credentials
: User DN: MyCorp\LDAP
Search scope
: Entire Subtree
Base DN
: OU=Macell,DC=MyCorp,DC=org
Authentication containers
: DC=MyCorp,DC=org
Extended Query
: &(memberOf:1.2.840.113556.1.4.1941:=CN=TESTGROUP,OU=Remote Login,OU=00 Security Group,OU=Macell,DC=MyCorp,DC=org)
User naming attribute
: sAMAccountName
the reply are users directly member of TESTGROUP and ... list of groups member of this group.
Can you confirm that it is possible to use "1.2.840.113556.1.4.1941" on OpnSense ?
Thank you
«
Last Edit: August 28, 2017, 02:35:12 pm by narfight
»
Logged
narfight
Newbie
Posts: 10
Karma: 1
Re: [SOLVED] LDAP/Active Directory and nested group
«
Reply #1 on:
August 28, 2017, 02:37:50 pm »
Two error in my config.
First : add "(objectCategory=person)" to my Extended Query.
second : Allow my user "LDAP" to read in all of DC !
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
17.7 Legacy Series
»
[SOLVED] LDAP/Active Directory and nested group
