This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Active Directory Backend nested groups not working

Hi all,

im wondering, if it is really not possible to use nested AD groups in SSL Client VPN or ReverseProxy Authentication?! We are facing, that it is not possible to allow users, that are part of nested groups.

So for example in the reverse authentication, we configured an AD group grp1. In this group we have other groups. For example grp2. In this group grp2, user xy is member, and should be allowed to login with his credentials. But it doesn´t work.

is there any plan to implement nested group membership login? I heard, that it is only possible in the webproxy with AD SSO, because it uses kerberos.

Best Regards

Sebastian

This thread was automatically locked due to age.

Parents

0 papa_ over 8 years ago

This is exactlly the way LDAP works natively.

To work with nested groups in LDAP, this needs explicit programming in LDAP clients.

May be there is already a feature request, but I have no hope that is will be added to any UTM version.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 papa_ over 8 years ago

This is exactlly the way LDAP works natively.

To work with nested groups in LDAP, this needs explicit programming in LDAP clients.

May be there is already a feature request, but I have no hope that is will be added to any UTM version.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data