On 7/30/2011 9:17 AM, Isamar Maia wrote: > > Ok. Great. Thanks for the tip, dude. > > Anyone knows an workaround for the item 2 ? > > Thanks, > > Isamar > > 2011年7月30日10:10 Chris Clark <[email protected] > <mailto:[email protected]>>: > > Isamar, > > The captive portal in m0n0wall/pfSense isn’t capable of direct > LDAP queries, unless something has changed recently. However, it > is capable of RADIUS authentication. Since you have an Active > Directory environment, it’s a trivial matter to setup IAS (2003) > or NPS (2008) to handle RADIUS requests on one of your domain > controllers. > > I’m not aware of a method to accomplish item two. > > Chris > > *From:*Isamar Maia [mailto:[email protected] > <mailto:[email protected]>] > *Sent:* Saturday, July 30, 2011 7:15 AM > *To:* [email protected] <mailto:[email protected]> > *Subject:* [pfSense Support] To integrate AD users to specific > rule groups > > > > Hi Folks, > > Is there any way with PfSense to integrate AD authenticated users > with rules groups. > > I mean, we wish to: > > 1) Integrate the Captive portal functionality to authenticate > users to the Windows AD server > 2) Attach specific users to specific firewall and squid filtering > rules. Like: HR departament users > can access only HR related sites,etc. > > Is that currently possible ? > > > -- > Isamar Maia > Cel. VIVO SSA: (55) 71-9146-8575 > Cel. TIM SSA: (55) 71-9185-5264 > Fixo: (55) 71-4062-8688 > 日本: +81-(0)3-4550-1212 > Skype ID: isamar.maia > > > > > -- > Isamar Maia > Cel. VIVO SSA: (55) 71-9146-8575 > Cel. TIM SSA: (55) 71-9185-5264 > Fixo: (55) 71-4062-8688 > 日本: +81-(0)3-4550-1212 > Skype ID: isamar.maia
The Squid Package for PFSense looks like it will authenticate to a local database, Radius, LDAP, or NT Domain. There are also some ACL capabilities in the SquidGuard package. I'm not aware of any way to configure firewall rules on PFSense that communicate with an authentication back-end.
