MutonUfoAI / pgina

pGina fork: Open Source Windows Authentication
http://mutonufoai.github.io/pgina
BSD 3-Clause "New" or "Revised" License

How to make pGina.fork keep a working local user that can be used for NLA RDP login after pGina created the account? #168

Open tuxcrafter opened 3 years ago

tuxcrafter commented 3 years ago

I was using pGina Stable 3.1.8.0 on Windows 2019 server and want to use it to connect to my FreeIPA and be able to use Remote Desktop Logins.

  1. I have not found a way for pGina to authenticate non-local users (LDAP users) through RDP Network Level Authentication (NLA) (is there a way?).

  2. With pGina stable I disabled NLA, connect over RDP, the pGina login option shows, I can log in with an LDAP user, pGina creates a local user, and I can then use RDP NLA. When I use pGina fork 3.9.9.12 this stopped working: it creates the local user account but I cannot log in anymore; the Windows Event Viewer shows the username and/or password is incorrect. How can I get this to work again with pGina.fork?

  3. cn=groups,cn=accounts,dc=organization,dc=lan is my LDAP group dir, and memberOf: cn=ipausers,cn=groups,cn=accounts,dc=organization,dc=lan is how the LDAP user query looks. What would be the object filter to check if a user is part of the ipausers group? I had this working with pGina stable but need some help with the filter syntax in the fork.

Thank you for this amazing tool!