Hi All,

I have successfully deployed PacketFence ZEN 13.0 and basic 802.1X
authentication is done via AD. My environment is based on static IPs; I am
not using DHCP.

I want to enable machine authentication as well, to block all the machines
that are not part of the domain.
I have created an authentication source with search attribute sAMAccountName
and created a rule that if
memberOf ---- is member of -- "AD Group CN"
then allow the specific VLAN. (It's working fine.)

But the problem is that when I add another LDAP condition to the same rule, it
stops working.

I have enabled 3 search attributes in the authentication source:
servicePrincipalName
Computer Name
sAMAccountName

AD-Machine: EXPAND
(&(|(servicePrincipalName=%{User-Name})(servicePrincipalName=%{Stripped-User-Name})(sAMAccountName=%{User-Name})(sAMAccountName=%{Stripped-User-Name})(Computer Name=%{User-Name})(Computer Name=%{Stripped-User-Name})(servicePrincipalName=%{%{Stripped-User-Name}:-%{User-Name}})))

But the logs show that all 3 fields have the same value: the AD user ID.

Please guide me on how I can create a rule that says "if the machine and the
user are part of Active Directory then allow, otherwise fail".


Regards,
Raheel Khursheed
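
As an added illustration (not PacketFence code, and not from the original post), the script below shows why every clause in the expanded filter above ends up with the same value: each one substitutes the same %{User-Name}, so the only thing that distinguishes a machine from a user is which AD attribute that value can match. A Windows machine authenticating with 802.1X presents an identity of the form host/<fqdn>, and its computer object is stored with sAMAccountName "<NAME>$" and a servicePrincipalName "HOST/<fqdn>"; a user presents DOMAIN\user or user@realm and is stored under sAMAccountName "user". The in-memory directory, group DNs and account names are constructed sample data, and the Stripped-User-Name handling is a simplified model of the FreeRADIUS behaviour, not its implementation.

```python
# Added example, not PacketFence or FreeRADIUS code. Normalises an 802.1X
# identity into the AD attribute that actually identifies it, builds an
# RFC 4515-escaped filter, and authorises only objects found in the domain
# and in the required group.


def ldap_escape(value: str) -> str:
    """Escape an assertion value per RFC 4515 so user input cannot alter the filter."""
    return "".join("\\%02x" % ord(ch) if ch in "\\*()\x00" else ch for ch in value)


def strip_identity(user_name: str):
    """Simplified model of Stripped-User-Name: drop a DOMAIN\\ prefix or @realm suffix."""
    realm = None
    name = user_name
    if "\\" in name:
        realm, name = name.split("\\", 1)
    elif "@" in name:
        name, realm = name.rsplit("@", 1)
    return name, realm


def classify(user_name: str):
    """Return ('machine', fqdn) for host/ identities, otherwise ('user', account)."""
    name, _ = strip_identity(user_name)
    if name.lower().startswith("host/"):
        return "machine", name[len("host/"):]
    return "user", name


def lookup_terms(user_name: str):
    """Attribute/value pairs, any one of which identifies the AD object."""
    kind, ident = classify(user_name)
    if kind == "machine":
        short = ident.split(".", 1)[0]
        return [("servicePrincipalName", "HOST/" + ident),
                ("sAMAccountName", short + "$")]
    return [("sAMAccountName", ident)]


def build_filter(user_name: str) -> str:
    """LDAP search filter for the identity; OR'd only when several terms apply."""
    terms = lookup_terms(user_name)
    parts = "".join("(%s=%s)" % (attr, ldap_escape(val)) for attr, val in terms)
    return parts if len(terms) == 1 else "(|%s)" % parts


# Constructed in-memory stand-in for the directory; not real AD data.
DIRECTORY = [
    {"dn": "CN=LAPTOP01,CN=Computers,DC=corp,DC=example",
     "sAMAccountName": ["LAPTOP01$"],
     "servicePrincipalName": ["HOST/LAPTOP01", "HOST/laptop01.corp.example"],
     "memberOf": ["CN=Domain Computers,CN=Users,DC=corp,DC=example"]},
    {"dn": "CN=Jane Doe,CN=Users,DC=corp,DC=example",
     "sAMAccountName": ["jdoe"],
     "servicePrincipalName": [],
     "memberOf": ["CN=VLAN-Staff,OU=Groups,DC=corp,DC=example"]},
]


def find_entry(user_name: str, directory=DIRECTORY):
    """First entry where any lookup term matches (AD attribute matching is case-insensitive)."""
    for attr, value in lookup_terms(user_name):
        for entry in directory:
            if any(v.lower() == value.lower() for v in entry.get(attr, [])):
                return entry
    return None


def authorize(user_name: str, required_group: str, directory=DIRECTORY):
    """Allow only if the identity resolves to a domain object that is in required_group."""
    entry = find_entry(user_name, directory)
    if entry is None:
        return False, "not found in directory"
    if required_group.lower() not in (g.lower() for g in entry["memberOf"]):
        return False, "found but not in " + required_group
    return True, entry["dn"]


if __name__ == "__main__":
    for ident in ("host/laptop01.corp.example", "CORP\\jdoe", "host/rogue.corp.example"):
        print(ident, "->", build_filter(ident), authorize(ident, "CN=Domain Computers,CN=Users,DC=corp,DC=example"))
```

The practical consequence for a rule is that a machine identity and a user identity never match the same attribute value, so a single rule that ANDs a user condition with a machine condition cannot succeed for one request; the two cases need to be matched separately (for example, one group condition for computer objects and another for user objects) and combined at the policy level.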
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users