[Samba] PFsense via Samba Authentication Server -> ERROR! ldap_get_groups() could not bind

miguel medalha medalist at sapo.pt
Tue Sep 15 17:06:40 UTC 2020


> Not entirely sure, but 'Query: memberof=CN=Domain 
> Users,CN=Users,DC-internal,DC=external,DC=com' is unlikely to work. All 
> AD users are members of Domain Users, but not one of them has the 
> 'memberof' attribute and the group object doesn't show any 'member' 
> attributes.

> So if the users are being searched for as members of the Domain Users 
> group by the 'memberof' attribute, I do not think it will work, try 
> another group.

Yes. I created  a VPNusers group in AD.

Also, isn't the use of SSL/Port 636 in LDAP deprecated? I am using STARTTLS/Port 389.





More information about the samba mailing list