Re: [pfSense] ldap authentication against active directory fails with passwords containing the paragraph sign
From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Holger Bauer Sent: Thursday, June 05, 2014 3:05 PM To: pfSense Support and Discussion Mailing List Subject: Re: [pfSense] ldap authentication against active directory fails with passwords containing the paragraph sign I haven't tested with this setting as it was not available in earlier versiopns of pfSense but as a workaround you could setup AD-Access using a Radius-Server. See https://doc.pfsense.org/index.php/OpenVPN_with_RADIUS_via_Active_Directory for further details. That worked fine for me using passwords that didn't work using ldap. Holger Hi, thank you for this advice. Jim already proposed a working solution. Ingo ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] ldap authentication against active directory fails with passwords containing the paragraph sign
I haven't tested with this setting as it was not available in earlier versiopns of pfSense but as a workaround you could setup AD-Access using a Radius-Server. See https://doc.pfsense.org/index.php/OpenVPN_with_RADIUS_via_Active_Directory for further details. That worked fine for me using passwords that didn't work using ldap. Holger 2014-06-05 14:22 GMT+02:00 Jim Pingle : > On 6/5/2014 8:02 AM, Freund, Ingo wrote: > > today a user complained about not being able to login to IPsec VPN on > the pfSense via Shrew-Client 2.2.2 after he had changed his password. > > > > After some research and testing we have to report that passwords which > contain the paragraph sign '§' are not validated the right way. > > The message on the DC is: Wrong username or password. > > After changing the paragraph sign into e.g. the dollar sign, everything > works fine. > > > > Is this a bug? > > Did you check "UTF8 Encode" on the LDAP server settings? > > If not, then such non-standard characters may not have been sent in the > proper format for the server to understand. > > Jim > ___ > List mailing list > List@lists.pfsense.org > https://lists.pfsense.org/mailman/listinfo/list > ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] ldap authentication against active directory fails with passwords containing the paragraph sign
-Original Message- From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Jim Pingle Sent: Thursday, June 05, 2014 2:22 PM To: pfSense Support and Discussion Mailing List Subject: Re: [pfSense] ldap authentication against active directory fails with passwords containing the paragraph sign On 6/5/2014 8:02 AM, Freund, Ingo wrote: > today a user complained about not being able to login to IPsec VPN on the > pfSense via Shrew-Client 2.2.2 after he had changed his password. > > After some research and testing we have to report that passwords which > contain the paragraph sign '§' are not validated the right way. > The message on the DC is: Wrong username or password. > After changing the paragraph sign into e.g. the dollar sign, everything works > fine. > > Is this a bug? Did you check "UTF8 Encode" on the LDAP server settings? If not, then such non-standard characters may not have been sent in the proper format for the server to understand. Jim Hi Jim, thank you. After activating the mentioned checkbox the logins are working as expected. Bye - Ingo ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] ldap authentication against active directory fails with passwords containing the paragraph sign
On 6/5/2014 8:02 AM, Freund, Ingo wrote: > today a user complained about not being able to login to IPsec VPN on the > pfSense via Shrew-Client 2.2.2 after he had changed his password. > > After some research and testing we have to report that passwords which > contain the paragraph sign '§' are not validated the right way. > The message on the DC is: Wrong username or password. > After changing the paragraph sign into e.g. the dollar sign, everything works > fine. > > Is this a bug? Did you check "UTF8 Encode" on the LDAP server settings? If not, then such non-standard characters may not have been sent in the proper format for the server to understand. Jim ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] ldap authentication against active directory fails with passwords containing the paragraph sign
Hi, today a user complained about not being able to login to IPsec VPN on the pfSense via Shrew-Client 2.2.2 after he had changed his password. After some research and testing we have to report that passwords which contain the paragraph sign '§' are not validated the right way. The message on the DC is: Wrong username or password. After changing the paragraph sign into e.g. the dollar sign, everything works fine. Is this a bug? Regards - Ingo. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
