authpoint ldap 'user isn't in right group'

I'm testing authpoint/ldap to an on-premise AD server. All the setup looks good, ldap sync works, test push notification fine, etc. However, when I try to connect with that user, I get the message below:

11:07:23 admd Authentication of SSLVPN user [[email protected]] from XX.XX.XX.XX was rejected, user isn't in the right group msg_id="1100-0005" Event

2022-07-22 11:07:23 wgcgi SSL VPN user [email protected] from XX.XX.XX.XX was rejected - Unspecified. Debug

2022-07-22 11:07:23 wgcgi User not authenticated Debug

2022-07-22 11:07:23 tunnel 0 0 unix_time="1658502443.899651" Stats

I have an existing SSLVPN-Users group in AD for current vpn users and made a new test group for this single user. I know the credentials are correct because if I DON'T specify authpoint\username, the vpn connects.

I'm missing something small I feel, but can't quite get it working.

thanks in advance,

steve

Comments

  • NVM...group is case sensitive. Think it's going now

  • james.carson Moderator, WatchGuard Representative

    Hello @sjonesin1
    You are correct, groups (and users) are case sensitive --- I would suggest using groups as they will always return from the server the same way (whereas users will appear however the user types them.)

    -James Carson
    WatchGuard Customer Support
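
The case-sensitivity issue resolved in this thread can be checked for ahead of time. The following is an added example, not part of the original posts and not WatchGuard code: it assumes you have the group names configured on the firewall and the group names the directory returns as two plain lists, and every sample name other than SSLVPN-Users is constructed.

```python
from dataclasses import dataclass
from typing import Iterable, List, Optional


@dataclass
class GroupCheck:
    configured: str                 # name as typed into the firewall config
    status: str                     # "match", "case_mismatch" or "missing"
    directory_name: Optional[str]   # name exactly as the directory returns it


def check_groups(configured: Iterable[str],
                 directory_groups: Iterable[str]) -> List[GroupCheck]:
    """Compare configured names to directory names the way a
    case-sensitive matcher would, and flag names that differ only in case."""
    directory_groups = list(directory_groups)
    exact = set(directory_groups)
    # Index directory names by their case-folded form to find near misses.
    folded = {}
    for name in directory_groups:
        folded.setdefault(name.casefold(), name)

    results = []
    for name in configured:
        if name in exact:
            results.append(GroupCheck(name, "match", name))
        elif name.casefold() in folded:
            # Would be rejected as "user isn't in the right group".
            results.append(GroupCheck(name, "case_mismatch",
                                      folded[name.casefold()]))
        else:
            results.append(GroupCheck(name, "missing", None))
    return results


if __name__ == "__main__":
    # Constructed sample data: names as returned by the directory ...
    from_directory = ["SSLVPN-Users", "AuthPoint-Test", "Domain Users"]
    # ... and names as typed into the firewall's group list.
    on_firewall = ["SSLVPN-Users", "authpoint-test", "VPN-Admins"]

    for r in check_groups(on_firewall, from_directory):
        hint = f" (directory has '{r.directory_name}')" \
            if r.status == "case_mismatch" else ""
        print(f"{r.configured:20} {r.status}{hint}")
```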
