Breadcrumb Path Inaccurate #537

Closed
mpermann opened this issue Feb 3, 2024 · 4 comments
@mpermann

mpermann commented Feb 3, 2024

Important notices

Before you add a new report, we ask you kindly to acknowledge the following:

Describe the issue

There appear to be some errors in the LDAP how-to-guide.
(https://github.com/opnsense/docs/blob/master/source/manual/how-tos/user-ldap.rst?plain=1)

Suggestions

On line 133, pencil is spelled wrong. It shows "pecil" instead of "pencil".

On line 139, it seems like the breadcrumb path to the authentication server is not correct in the manual. It lists System --> Access --> Settings --> Administration as the path, but that path doesn't seem to exist. I believe that the correct path should be System --> Settings --> Administration.

On line 188, the breadcrumb path doesn't seem to exist. I believe that the correct path should be System --> Settings --> Administration.

On line 189, it mentions a "Fallback Option" but I don't see that on version 24.1_1 of the community edition. When I was setting up LDAP and following the steps in the guide, I managed to lock myself out of my server and had to reload the software and restore a backup config file to be able to get back in. I'm not sure that the guide is accurate for version 24.1_1. Is it possible to have someone read and verify the steps in the guide are still accurate for the current version?

Version affected

Which version of the software are you using?
(OPNsense 24.1_1 Community Edition)

Describe alternatives you considered

I didn't consider any alternatives.

Additional context

The information above details the issues I've seen.

@AdSchellevis AdSchellevis self-assigned this Feb 3, 2024
@AdSchellevis AdSchellevis added the cleanup Low impact changes label Feb 3, 2024
@AdSchellevis
Member

4b3e99e should improve the situation

@mpermann
Author

mpermann commented Feb 3, 2024

@AdSchellevis the addition of lines 142 through 149 would not have helped prevent the situation I got myself into. My problem was not understanding that I MUST select Local Database and newly added LDAP server from the Server drop down menu. I would propose the following changes instead.

Starting at line 139:
Go to :menuselection:System --> Settings --> Administration and under the Authentication section at the bottom, choose local database and your newly added LDAP server from the Server dropdown.

...Warning::

If you don't choose both "Local Database" and your newly added LDAP server from the Server dropdown you could be locked out of the system if LDAP authentication isn't working.

Because I explicitly followed the instructions at Step 3 to change the authentication to only the newly added LDAP server, I effectively locked myself out when I logged out of the web GUI before importing the users and appropriately setting permissions on those users in steps 4 and 5. Had I chosen both "Local Database" and newly added LDAP server from the drop down I would have been fine. I hope the explanation of what I did helps you understand why I think the above changes would have prevented my particular situation. Thanks and have a great day!

@AdSchellevis
Member

Can’t say I agree here, the document states test and verify first. Teaching people to leave a local backdoor is likely not advisable.

@mpermann
Author

mpermann commented Feb 3, 2024

That's fine if you don't agree. Adding what you wrote in lines 142 to 149 doesn't make things clearer for the situation I encountered and relayed to you. I don't know how else you can get into the system if for some reason you follow the instructions and change the authentication to an LDAP only connection and the LDAP is unexpectedly down for a prolonged period of time. I tried logging in from the VGA console using the root credentials I had set and it would not let me log into the system to do anything. So other than re-installing everything from scratch and restoring a previous backup, I was effectively locked out of the system. Anyway, my issue is resolved.
