All tested user names give the same errors.
ntlm_auth tested working:
ntlm_auth --username tim.palmer
password:
NT_STATUS_OK: Success (0x0)
=========================================
Me too:
My login, which should match on the very first Auth Source rule (and did every
time just fine pre 4.0.5) now gives:
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: instantiating new pf::radius object
(pf::radius::new)
Aug 12 11:01:27 pf::WebAPI(25185) INFO: handling radius autz request: from
switch_ip => 10.10.30.60, connection_type => Wireless-802.11-EAP mac =>
f8:1e:df:f1:f7:a8, port => 0, username => tim.palmer (pf::radius::authorize)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: Database statements not prepared,
preparing... (pf::db::db_query_execute)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: Preparing pf::node database queries
(pf::node::node_db_prepare)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: function pf::db::get_db_handle is
calling db_connect (pf::db::db_connect)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: checking handle (pf::db::db_connect)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: (Re)Connecting to MySQL (thread id: 0)
(pf::db::db_connect)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: connected (pf::db::db_connect)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: sending VENDORMAC::16260831 trigger
(pf::node::node_mac_wakeup)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: Database statements not prepared,
preparing... (pf::db::db_query_execute)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: Preparing pf::trigger database queries
(pf::trigger::trigger_db_prepare)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: violation not added, no trigger found
for vendormac::16260831 or violation is disabled
(pf::violation::violation_trigger)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: sending MAC::272811489884072 trigger
(pf::node::node_mac_wakeup)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: violation not added, no trigger found
for mac::272811489884072 or violation is disabled
(pf::violation::violation_trigger)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: instantiating switch
(pf::radius::authorize)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: instantiating new SwitchFactory object
(pf::SwitchFactory::new)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: creating new pf::SNMP::Aruba object
(pf::SwitchFactory::instantiate)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: SSID resolved to: pfsecure
(pf::radius::authorize)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: VoIP not enabled on switch 10.10.30.60
(pf::SNMP::isPhoneAtIfIndex)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: VoIP not enabled on switch 10.10.30.60
(pf::SNMP::isPhoneAtIfIndex)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: instantiating new pf::vlan object
(pf::vlan::new)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: Database statements not prepared,
preparing... (pf::db::db_query_execute)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: Preparing pf::violation database
queries (pf::violation::violation_db_prepare)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: Trying to determine VLAN from role.
(pf::vlan::getNormalVlan)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: EAP connection with a username. Trying
to match rules from authentication sources. (pf::vlan::getNormalVlan)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: Preparing pf::violation database
queries (pf::violation::violation_db_prepare)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: Trying to determine VLAN from role.
(pf::vlan::getNormalVlan)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: EAP connection with a username. Trying
to match rules from authentication sources. (pf::vlan::getNormalVlan)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: Match called with parameters unique =>
0, usernameattribute => servicePrincipalName, basedn =>
DC=themastersschool,DC=com, binddn => cn=Packetfence Binder,ou=Service
Accounts,dc=<myschool>,dc=com, encryption => ssl, rules =>
ARRAY(0x7f94de918fa8), port => 636, description => AD Source for Machine Auth,
host => 10.10.30.22, password => xxxxx, type => AD, class => internal, id =>
ADMachineAuth, scope => sub (pf::authentication::match)
Aug 12 11:01:27 pf::WebAPI(25185) DEBUG: No source matches action
pf::Authentication::Source::ADSource=HASH(0x7f94de910748)
(pf::authentication::match)
Aug 12 11:01:27 pf::WebAPI(25185) INFO: Username was NOT defined or unable to
match a role - returning node based role '' (pf::vlan::getNormalVlan)
Aug 12 11:01:27 pf::WebAPI(25185) WARN: No parameter Vlan found in
conf/switches.conf for the switch 10.10.30.60 (pf::SNMP::getVlanByName)
Aug 12 11:01:27 pf::WebAPI(25185) WARN: No parameter Vlan found in
conf/switches.conf for the switch 10.10.30.60 (pf::SNMP::getVlanByName)
Aug 12 11:01:27 pf::WebAPI(25185) INFO: MAC: f8:1e:df:f1:f7:a8, PID:
tim.palmer, Status: reg. Returned VLAN: (pf::vlan::fetchVlanForNode)
Aug 12 11:01:27 pf::WebAPI(25185) WARN: new VLAN is not a managed VLAN ->
Returning FAIL. Is the target vlan in the vlans=... list?
(pf::radius::authorize)
------------------------------------------------------------------------------
Get 100% visibility into Java/.NET code with AppDynamics Lite!
It's a free troubleshooting tool designed for production.
Get down to code-level detail for bottlenecks, with <2% overhead.
Download for free and get started troubleshooting in minutes.
http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
