Comments (4)
4b3e99e should improve the situation
from docs.
@AdSchellevis the addition of lines 142 through 149 would not have helped prevent the situation I got myself into. My problem was not understanding that I MUST select Local Database and newly added LDAP server from the Server drop down menu. I would propose the following changes instead.
Starting at line 139:
Go to :menuselection:System --> Settings --> Administration
and under the Authentication section at the bottom, choose local database and your newly added LDAP server from the Server dropdown.
...Warning::
If you don't chose both "Local Database" and your newly added LDAP server from the Server dropdown you could be locked out of the system if LDAP authentication isn't working.
Because I explicitly followed the instructions at Step 3 to change the authentication to only the newly added LDAP server, I effectively locked myself out when I logged out of the web GUI before importing the users and appropriately setting permissions on those users in steps 4 and 5. Had I chosen both "Local Database" and newly added LDAP server from the drop down I would have been fine. I hope the explanation of what I did helps you understand why I think the above changes would have prevented my particular situation. Thanks and have a great day!
from docs.
Can’t say I agree here, the document states test and verify first. Teaching people to leave a local backdoor is likely not advisable.
from docs.
That's fine if you don't agree. Adding what you wrote in lines 142 to 149 doesn't make things clearer for the situation I encountered and relayed to you. I don't know how else you can get into the system if for some reason you follow the instructions and change the authentication to an LDAP only connection and the LDAP is unexpectedly down for a prolonged period of time. I tried logging in from the VGA console using the root credentials I had set and it would not let me log into the system to do anything. So other than re-installing everything from scratch and re-storing a previous backup, I was effectively locked out of the system. Anyway, my issue is resolved.
from docs.
Related Issues (20)
- Gateway groups: explain the address requirement of used gateways
- system: explain password compliance switch for SHA-512 use
- Update terminology in Wireguard pages HOT 2
- Add WireGuard Road Warrior Setup for ProtonVPN HOT 1
- Add some explanation in the selective VPN routing page to explain why the steps are necessary HOT 1
- OpnSense AV Proxy - Eicar links have updated again HOT 2
- Invalid IP notation in illustrations 192.168.1.1.x/24 and similar
- Documentation for using OPNsense behind a web proxy using optional configd configuration files HOT 4
- Breadcrumb Path Inaccurate HOT 1
- Development / upload wrapper helper documentation
- Development / model - explain volatile fields
- www/caddy: Convert Readme.md into doc article
- WireGuard: Confusing roadwarrior instructions HOT 8
- WireGuard Road Warrior Setup | Mandatory Private Key? HOT 1
- Minor spelling correction
- Confusing terms “Validity” vs “Expires” with captive portal vouchers HOT 1
- caddy.rst compile warnings
- Interfaces: Virtual IPs: Settings - add unicast carp
- Services: Captive Portal: Administration- describe "Allow inbound" option
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docs.