Thanks for your reply. I have AD source that is configured in PacketFence and the source talks to a AD server for my Domain.
cat /usr/local/pf/conf/authentication.conf [local] description=Local Users type=SQL [email] description=Email-based registration email_activation_timeout=10m type=Email create_local_account=yes allow_localdomain=yes [my_ad] description=My Active Directory password=PASSWORD scope=sub binddn=OU=Users,OU=My Org,DC=orgDC,DC=local basedn=OU=Users,OU=My Org,DC=orgDC,DC=local usernameattribute=sAMAccountName connection_timeout=15 stripped_user_name=no encryption=none cache_match=1 port=389 type=AD host=10.10.10.10 [my_ad rule internal_access] description=internal access match=all action0=set_role=internal_role action1=set_access_duration=1D cat /usr/local/pf/conf/profiles.conf [default] description=Default Profile logo=/captive-portal/content/assets/img/logo.gif billing_engine=disabled redirecturl=http://google.com always_use_redirecturl=enabled mandatory_fields=firstname,lastname,email locale=en_US nbregpages=0 filter_match_style=any block_interval=10m sms_pin_retry_limit=0 sms_request_limit=0 login_attempt_limit=0 dot1x_recompute_role_from_portal=enabled reuse_dot1x_credentials=0 sources=email,local provisioners= custom_fields_authentication_sources= scans= [my_site] description=internal site login_attempt_limit=0 dot1x_recompute_role_from_portal=0 sms_pin_retry_limit=0 locale=en_US sms_request_limit=0 nbregpages=0 always_use_redirecturl=enabled redirecturl=http://www.google.com billing_engine=disabled filter=network:10.10.0.0/24 description=my site internal profile mandatory_fields= scans= reuse_dot1x_credentials=0 sources=my_ad,email,local block_interval=12h provisioners= custom_fields_authentication_sources= filter_match_style=any ________________________________ > From: [email protected] > Date: Tue, 9 Feb 2016 13:20:07 -0500 > To: [email protected] > Subject: Re: [PacketFence-users] AD integration > > Hello Andy, > > When you are saying ‘AD integration’, did you configure the AD source > in PacketFence or you have joined you PacketFence server to your AD > domain ? > > Can you paste the output of those commands (hiding the passwords): > > cat /usr/local/pf/conf/authentication.conf > > cat /usr/local/pf/conf/profiles.conf > > Thanks, > > Ludovic Zammit > [email protected]<mailto:[email protected]> :: +1.514.447.4918 (x145) :: > www.inverse.ca<http://www.inverse.ca> > Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence > (http://packetfence.org) > > > > > > Le 9 févr. 2016 à 12:22, Andy A > <[email protected]<mailto:[email protected]>> a écrit > : > > Hello. > > I am using PF 5.2 on Centos 6.x in inline mode. We are using AD > integration and it works fine to get people on the internet with just a > small issue. > The AD doesn't require the user's domain password to sign-in to the > internet as long as the username is a valid child within the AD object > tree. > > So basically 'userA' and 'userB' can type 'password' as their password > and still be authenticated as the AD is not considering the password at > all. > > Is this a correct behaviour? or have I missed a trick here and not > configured the AD properly? > > Thanks. > ------------------------------------------------------------------------------ > > Site24x7 APM Insight: Get Deep Visibility into Application Performance > APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month > Monitor end-to-end web transactions and take corrective actions now > Troubleshoot faster and improve end-user experience. Signup Now! > http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > > > ------------------------------------------------------------------------------ > > Site24x7 APM Insight: Get Deep Visibility into Application Performance > APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month > Monitor end-to-end web transactions and take corrective actions now > Troubleshoot faster and improve end-user experience. Signup Now! > http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 > _______________________________________________ PacketFence-users > mailing list [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
