[Samba] OpenPVN authentication via Samba AD

Stefan G. Weichinger lists at xunil.at
Tue Sep 1 18:06:38 UTC 2020

Am 01.09.20 um 19:57 schrieb Marco Shmerykowsky via samba:

> Thanks.  Some progress.  I changed the Transport to SSL-encrypted
> via 636 and created a a separate bind user.  The bind user is
> entered as "CN=binduser,CN=users,DC=internal,DC=company,DC=com.
> The server checks out.  However, when I run Diagnostics->Authentication
> although the user is checks out as authenticated, the groups the
> user belongs to are not listed.
> Must be still missing something.

You have the certs, use the FQDN and encryption with the AD-CA selected?

Does "Select a container"  work in the "Authentication Servers" setup?

That is crucial.

I might also share some (anonymized) screenshots offlist, yes.

I checked a 2nd installation, there I use Bind credentials in this form
: pfsense at ad.domain

At first get this "Select a container" working.

When you get the user authenticated in the Diagnostics, that sounds
good, though.

More information about the samba mailing list