pfSense Gold Subscription

Author Topic: Is it possible to have multiple LDAP servers?  (Read 85 times)

0 Members and 1 Guest are viewing this topic.

Offline nosrepmodnar

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Is it possible to have multiple LDAP servers?
« on: November 08, 2017, 10:50:30 am »
We have two domains behind the firewall. (domA, domB for discussion purposes)
I set domA users up in a-d and add to the pfsenseaccess group and they can then use VPN.
domB users i have to set up a local account on the pfsense box, which is not a pain for set up, but when the user wants to change their password it becomes an issue.
I set up domB in the server settings and can even test authentication, but it fails when trying to log in with VPN
joe.schmoe only has an account in domB

If I try logging in on the pfsense webpage it gives
Nov 8 08:42:51   php-fpm   62778   /index.php: webConfigurator authentication error for 'joe.schmoe' from 192.168.115.163
Nov 8 08:42:51   php-fpm   62778   /index.php: ERROR! Either LDAP search failed, or multiple users were found.
Nov 8 08:32:19   php-fpm   62778   /diag_authentication.php: ERROR! Either LDAP search failed, or multiple users were found.
Nov 8 08:31:59   php-fpm   62778   /diag_authentication.php: ERROR! Either LDAP search failed, or multiple users were found

same multiple users and could not authenticate messages in the ipsec log.

thanks

Offline tc3driver

  • Newbie
  • *
  • Posts: 8
  • Karma: +0/-0
    • View Profile
Re: Is it possible to have multiple LDAP servers?
« Reply #1 on: November 09, 2017, 06:13:36 pm »
What vpn methodology are you using?  OpenVPN, L2TP, or IPsec? The configuration will vary depending on which of these you use.