pfSense using MS AD as user backend for OpenVPN

Using the setting below will allow VPN access to all users member of the VPN Users group.

Server Settings

Descriptive name: Microsoft AD
Type: LDAP

LDAP Server Settings

Hostname or IP address: yourmsdomain.local
 Port value: 389
 Transport: TCP
 Protocol version: 3
 Server Timeout: 25
 Timeout for LDAP operations (seconds): 25
 Search scope
 - Level: One Level
 - Base DN: DC=yourmsdomain,DC=local

Authentication containers: OU=Users,DC=yourmsdomain,DC=local
Extended query: ticked
Query: memberOf=CN=VPN Users,OU=Groups,DC=yourmsdomain,DC=local

Bind anonymous: not ticked
Bind credentials: nameofyourbinduser (NAME not username) and password

User naming attribute: samAccountName
Group naming attribute: cn
Group member attribute: memberOf
RFC 2307 Groups: not ticked
Group Object Class: empty
UTF8 Encode: not ticked
Username Alterations: not ticked

Lämna ett svar