Hi Nicolas,
I did as requested. It looks like the authentication comes back with no
matches, yet still authenticates the user. Attached is the part of the log that
relates to authentication of the user.
Thank you,
Ben
-----Original Message-----
From: Nicolas Quiniou-Briand via PacketFence-users
<[email protected]>
Sent: Thursday, January 10, 2019 2:53 AM
To: [email protected]
Cc: Nicolas Quiniou-Briand <[email protected]>
Subject: Re: [PacketFence-users] LDAP Authentication Source Base DN and Scope
are not followed.
Hello Benjamin,
On 2019-01-09 3:13 p.m., Brenek, Benjamin via PacketFence-users wrote:
> Can anyone possibly provide some insight into why this issue is occurring?
Try to increase the log level from INFO to DEBUG on the first line of
/usr/local/pf/conf/log.conf.d/httpd.aaa.conf. Then do a
`/usr/local/pf/bin/pfcmd service httpd.aaa restart`
In packetfence.log, you should see more details on your LDAP queries.
Otherwise, you can try to capture LDAP traffic between your PF and LDAP servers.
--
Nicolas Quiniou-Briand
[email protected] :: +1.514.447.4918 *140 :: https://inverse.ca
Inverse inc. :: Leaders behind SOGo (https://sogo.nu),
PacketFence (https://packetfence.org)
and Fingerbank (http://fingerbank.org)
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com auth[1440]: rlm_rest
(rest): Opening additional connection (3), 1 of 64 pending slots used
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:[undef]]
application/json (pf::WebAPI::handler)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:[undef]]
instantiating new pf::radius object (pf::radius::new)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:[undef]]
instantiating switch (pf::radius::authorize)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com haproxy[875]:
127.0.0.1:49262 [10/Jan/2019:09:03:02.157] main mysql/MySQL0 1/0/1 104 --
24/23/22/22/0 0/0
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com haproxy[875]:
127.0.0.1:49258 [10/Jan/2019:09:03:02.154] main mysql/MySQL0 1/0/4 104 --
23/22/21/21/0 0/0
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com haproxy[875]:
127.0.0.1:49266 [10/Jan/2019:09:03:02.160] main mysql/MySQL0 1/0/1 183 --
23/22/21/21/0 0/0
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:[undef]] cache get
for namespace='switch.overlay', key='192.168.222.11', cache='DBI', time='1ms':
MISS (not in cache) (CHI::Driver::_log_get_result)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:[undef]] creating
new pf::Switch::AeroHIVE::AP object (pf::SwitchFactory::instantiate)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:[undef]] Setting
current tenant ID to 1 (pf::dal::set_tenant)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
SSID resolved to: Company_Employee (pf::radius::authorize)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) INFO: [mac:78:fd:94:15:b7:61]
handling radius autz request: from switch_ip => (192.168.222.11),
connection_type => Wireless-802.11-EAP,switch_mac => (c4:13:e2:7d:a9:64), mac
=> [78:fd:94:15:b7:61], port => 0, username => "userThatShouldNotAuth", ssid =>
Company_Employee (pf::radius::authorize)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
instantiating new pf::role object (pf::role::new)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
instantiating new pf::access_filter::vlan (pf::access_filter::new)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
No engine found for IsPhone (pf::access_filter::test)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
Trying to match IP address to MAC '78:fd:94:15:b7:61' using SQL 'ip4log' table
(pf::ip4log::mac2ip)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
Viewing an 'ip4log' table entry for the following MAC address
'78:fd:94:15:b7:61' (pf::ip4log::_view_by_mac)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com haproxy[875]:
127.0.0.1:49274 [10/Jan/2019:09:03:02.185] main mysql/MySQL0 1/0/1 183 --
24/23/22/22/0 0/0
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
cache get for namespace='switch.overlay', key='192.168.222.11', cache='DBI',
time='1ms': MISS (not in cache) (CHI::Driver::_log_get_result)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
creating new pf::Switch::AeroHIVE::AP object (pf::SwitchFactory::instantiate)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com haproxy[875]:
127.0.0.1:49278 [10/Jan/2019:09:03:02.187] main mysql/MySQL0 1/0/2 183 --
24/23/22/22/0 0/0
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
cache get for namespace='switch.overlay', key='192.168.222.11', cache='DBI',
time='2ms': MISS (not in cache) (CHI::Driver::_log_get_result)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
creating new pf::Switch::AeroHIVE::AP object (pf::SwitchFactory::instantiate)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com haproxy[875]:
127.0.0.1:49282 [10/Jan/2019:09:03:02.190] main mysql/MySQL0 1/0/1 183 --
24/23/22/22/0 0/0
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
cache get for namespace='switch.overlay', key='192.168.222.11', cache='DBI',
time='1ms': MISS (not in cache) (CHI::Driver::_log_get_result)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
creating new pf::Switch::AeroHIVE::AP object (pf::SwitchFactory::instantiate)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) INFO: [mac:78:fd:94:15:b7:61]
Instantiate profile Wireless-Company_Employee-Remote
(pf::Connection::ProfileFactory::_from_profile)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
instantiating new pf::Connection::Profile object (pf::Connection::Profile::new)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
instantiating new pf::access_filter::vlan (pf::access_filter::new)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
No engine found for AutoRegister (pf::access_filter::test)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
Autoregistration set on profile Wireless-Company_Employee-Remote
(pf::role::shouldAutoRegister)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
instantiating new pf::access_filter::vlan (pf::access_filter::new)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
No engine found for NodeInfoForAutoReg (pf::access_filter::test)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
EAP connection with a username "userThatShouldNotAuth". Trying to match rules
from authentication sources. (pf::role::getNodeInfoForAutoReg)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) INFO: [mac:78:fd:94:15:b7:61]
Found authentication source(s) : 'LDAP_Users,LDAP_Machines' for realm 'null'
(pf::config::util::filter_authentication_sources)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
Match called with parameters radius_request => HASH(0x7f4248ae8570),
stripped_user_name => userThatShouldNotAuth, context => radius, realm => null,
SSID => Company_Employee, connection_type => Wireless-802.11-EAP, username =>
userThatShouldNotAuth (pf::authentication::match2)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) WARN: [mac:78:fd:94:15:b7:61]
Calling match with empty/invalid rule class. Defaulting to 'authentication'
(pf::authentication::match2)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
Stripping username is enabled in this context (radius). Will return a split
username and realm. (pf::config::util::strip_username_if_needed)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) INFO: [mac:78:fd:94:15:b7:61]
Using sources LDAP_Users, LDAP_Machines for matching
(pf::authentication::match2)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
cache get for namespace='Default', key='ARRAY(0x7f424d5adab8)',
cache='RawMemory', time='0ms': MISS (not in cache)
(CHI::Driver::_log_get_result)
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
/usr/local/fingerbank/collector/fingerbank-collector[1152]:
t=2019-01-10T09:03:02-0500 lvl=info msg="Persisted IP maps in 303.636µs"
pid=1152
Jan 10 09:03:02 drpacketfence01.subdomain.domain.com
/usr/local/fingerbank/collector/fingerbank-collector[1152]:
t=2019-01-10T09:03:02-0500 lvl=info msg="Persisted endpoints in 1.290357ms"
pid=1152
Jan 10 09:03:05 drpacketfence01.subdomain.domain.com auth[1440]: (5388)
Ignoring duplicate packet from client pf port 35232 - ID: 171 due to unfinished
request in component post-auth module rest
Jan 10 09:03:05 drpacketfence01.subdomain.domain.com pfmon[22864]: pfmon(22864)
INFO: [mac:unknown] deleted 0 entries from chi_cache for batch_delete
(1547128985 1547128985) (pf::dal::batch_remove)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
cache set for namespace='Default',
key='["company-itdc01.subdomain.domain.com","read_timeout","10","write_timeout","5","timeout","1","encryption","none","port","389"]',
size=1, expires='never', cache='RawMemory', time='0ms'
(CHI::Driver::_log_set_result)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
[LDAP_Users] Using LDAP connection to company-itdc01.subdomain.domain.com
(pf::Authentication::Source::LDAPSource::_connect)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
[LDAP_Users Ops] Searching for
(&(sAMAccountName=userThatShouldNotAuth)(|(department=NES)(department=SES)(department=OPS))),
from ou=Company Users,dc=subdomain,dc=domain,dc=com, with scope sub
(pf::Authentication::Source::LDAPSource::match_in_subclass)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
[LDAP_Users Ops] Found 0 results
(pf::Authentication::Source::LDAPSource::_match_in_subclass)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
[LDAP_Users Ops] No match found for this LDAP filter
(pf::Authentication::Source::LDAPSource::_match_in_subclass)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
[LDAP_Users companyguest] Searching for
(&(sAMAccountName=userThatShouldNotAuth)(sAMAccountName=companyguest)), from
ou=Company Users,dc=subdomain,dc=domain,dc=com, with scope sub
(pf::Authentication::Source::LDAPSource::match_in_subclass)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
[LDAP_Users companyguest] Found 0 results
(pf::Authentication::Source::LDAPSource::_match_in_subclass)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
[LDAP_Users companyguest] No match found for this LDAP filter
(pf::Authentication::Source::LDAPSource::_match_in_subclass)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
Matched condition SSID equals Company_Employee
(pf::Authentication::Source::match_rule)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
[LDAP_Users Wireless] Searching for (sAMAccountName=userThatShouldNotAuth),
from ou=Company Users,dc=subdomain,dc=domain,dc=com, with scope sub
(pf::Authentication::Source::LDAPSource::match_in_subclass)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
[LDAP_Users Wireless] Found 0 results
(pf::Authentication::Source::LDAPSource::_match_in_subclass)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
[LDAP_Users Wireless] No match found for this LDAP filter
(pf::Authentication::Source::LDAPSource::_match_in_subclass)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
[LDAP_Users Employees] Searching for (sAMAccountName=userThatShouldNotAuth),
from ou=Company Users,dc=subdomain,dc=domain,dc=com, with scope sub
(pf::Authentication::Source::LDAPSource::match_in_subclass)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
[LDAP_Users Employees] Found 0 results
(pf::Authentication::Source::LDAPSource::_match_in_subclass)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
[LDAP_Users Employees] No match found for this LDAP filter
(pf::Authentication::Source::LDAPSource::_match_in_subclass)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
cache get for namespace='Default', key='ARRAY(0x7f424d5d11c0)',
cache='RawMemory', time='0ms': HIT (CHI::Driver::_log_get_result)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
[LDAP_Machines] Using LDAP connection to company-itdc01.subdomain.domain.com
(pf::Authentication::Source::LDAPSource::_connect)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
Matched condition SSID equals Company_Employee
(pf::Authentication::Source::match_rule)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
[LDAP_Machines Wireless] Searching for
(servicePrincipalName=userThatShouldNotAuth), from ou=domain
Computers,dc=subdomain,dc=domain,dc=com, with scope sub
(pf::Authentication::Source::LDAPSource::match_in_subclass)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
[LDAP_Machines Wireless] Found 0 results
(pf::Authentication::Source::LDAPSource::_match_in_subclass)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
[LDAP_Machines Wireless] No match found for this LDAP filter
(pf::Authentication::Source::LDAPSource::_match_in_subclass)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
[LDAP_Machines Computer] Searching for
(servicePrincipalName=userThatShouldNotAuth), from ou=domain
Computers,dc=subdomain,dc=domain,dc=com, with scope sub
(pf::Authentication::Source::LDAPSource::match_in_subclass)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
[LDAP_Machines Computer] Found 0 results
(pf::Authentication::Source::LDAPSource::_match_in_subclass)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
[LDAP_Machines Computer] No match found for this LDAP filter
(pf::Authentication::Source::LDAPSource::_match_in_subclass)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
cache get for namespace='Default', key='HASH(0x7f424ac9e510)',
cache='RawMemory', time='0ms': MISS (not in cache)
(CHI::Driver::_log_get_result)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
cache set for namespace='Default', key='{"server":"127.0.0.1:6380"}', size=1,
expires='never', cache='RawMemory', time='0ms' (CHI::Driver::_log_set_result)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
[78:fd:94:15:b7:61] auto-registering node (pf::radius::authorize)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com pfqueue[23120]:
pfqueue(23120) INFO: [mac:unknown] undefined source id provided
(pf::lookup::person::lookup_person)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
Trying to determine VLAN from role. (pf::role::getRegisteredRole)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
instantiating new pf::access_filter::vlan (pf::access_filter::new)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
No rule matched for scope RegisteredRole (pf::access_filter::test)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) INFO: [mac:78:fd:94:15:b7:61]
Role has already been computed and we don't want to recompute it. Getting role
from node_info (pf::role::getRegisteredRole)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) INFO: [mac:78:fd:94:15:b7:61]
Username was defined "userThatShouldNotAuth" - returning role 'ops'
(pf::role::getRegisteredRole)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) INFO: [mac:78:fd:94:15:b7:61]
PID: "userThatShouldNotAuth", Status: reg Returned VLAN: (undefined), Role: ops
(pf::role::fetchRoleForNode)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
instantiating new pf::role::pool object (pf::role::pool::new)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
closing old locationlog entry because something about this node changed
(pf::locationlog::locationlog_synchronize)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
instantiating new pf::access_filter::switch (pf::access_filter::new)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
No engine found for radius_authorize (pf::access_filter::test)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
instantiating new pf::access_filter::radius (pf::access_filter::new)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) INFO: [mac:78:fd:94:15:b7:61]
Returning ACCEPT with VLAN: 232
(pf::Switch::AeroHIVE::AP::returnRadiusAccessAccept)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) INFO: [mac:78:fd:94:15:b7:61]
violation 1300003 force-closed for 78:fd:94:15:b7:61
(pf::violation::violation_force_close)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
Trying to match IP address to MAC '78:fd:94:15:b7:61' using SQL 'ip4log' table
(pf::ip4log::mac2ip)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
Viewing an 'ip4log' table entry for the following MAC address
'78:fd:94:15:b7:61' (pf::ip4log::_view_by_mac)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
cache get for namespace='switch.overlay', key='192.168.222.11', cache='DBI',
time='1ms': MISS (not in cache) (CHI::Driver::_log_get_result)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
creating new pf::Switch::AeroHIVE::AP object (pf::SwitchFactory::instantiate)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com haproxy[875]:
127.0.0.1:49368 [10/Jan/2019:09:03:07.857] main mysql/MySQL0 1/0/2 183 --
25/24/23/23/0 0/0
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
cache get for namespace='switch.overlay', key='192.168.222.11', cache='DBI',
time='1ms': MISS (not in cache) (CHI::Driver::_log_get_result)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
creating new pf::Switch::AeroHIVE::AP object (pf::SwitchFactory::instantiate)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com haproxy[875]:
127.0.0.1:49372 [10/Jan/2019:09:03:07.859] main mysql/MySQL0 1/0/2 183 --
25/24/23/23/0 0/0
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
cache get for namespace='switch.overlay', key='192.168.222.11', cache='DBI',
time='1ms': MISS (not in cache) (CHI::Driver::_log_get_result)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
creating new pf::Switch::AeroHIVE::AP object (pf::SwitchFactory::instantiate)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) INFO: [mac:78:fd:94:15:b7:61]
Instantiate profile Wireless-Company_Employee-Remote
(pf::Connection::ProfileFactory::_from_profile)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com
packetfence_httpd.aaa[22028]: httpd.aaa(22011) DEBUG: [mac:78:fd:94:15:b7:61]
instantiating new pf::Connection::Profile object (pf::Connection::Profile::new)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com haproxy[875]:
127.0.0.1:49376 [10/Jan/2019:09:03:07.861] main mysql/MySQL0 1/0/4 183 --
24/23/22/22/0 0/0
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com httpd_aaa[22025]:
127.0.0.1 - - [10/Jan/2019:09:03:02 -0500] "POST //radius/rest/authorize
HTTP/1.1" 200 887 2113 5734837 "-" "FreeRADIUS 3.0.15" "127.0.0.1:7070"
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com auth[1440]: Need 2 more
connections to reach min connections (3)
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com auth[1440]: rlm_rest
(rest): Opening additional connection (4), 1 of 63 pending slots used
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com auth[1440]: Need 4 more
connections to reach 10 spares
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com auth[1440]: rlm_sql (sql):
Opening additional connection (21), 1 of 58 pending slots used
Jan 10 09:03:07 drpacketfence01.subdomain.domain.com auth[1440]:
[mac:78:fd:94:15:b7:61] Accepted user: and returned VLAN 232
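
One way to surface the condition reported in this thread from a DEBUG-level packetfence.log, as an added example that is not part of the original messages or of PacketFence's own code: it groups httpd.aaa entries per MAC and flags any request that ends in "Returning ACCEPT" although every LDAP rule search logged for it found 0 results. It assumes one log entry per line; the sample lines, MACs, host and usernames are constructed in the format of the attached log, and the "Found 1 results" line is an assumed form of a successful match.

```python
import re

ENTRY = re.compile(r"(?:DEBUG|INFO|WARN|ERROR): \[mac:(?P<mac>[0-9A-Fa-f:]{17})\] (?P<msg>.*)$")
START = re.compile(r'handling radius autz request: .*username => "(?P<user>[^"]*)"')
FOUND = re.compile(r"\[(?P<source>\S+) (?P<rule>[^\]]+)\] Found (?P<n>\d+) results")
ROLE = re.compile(r"returning role '(?P<role>[^']+)'")
ACCEPT = re.compile(r"Returning ACCEPT with VLAN: (?P<vlan>\S+)")


def accepts_without_ldap_match(log_text):
    """Return the requests that ended in ACCEPT although every LDAP rule
    search logged for them reported 0 results."""
    open_requests = {}  # MAC -> request currently being processed
    findings = []
    for line in log_text.splitlines():
        entry = ENTRY.search(line)
        if not entry:
            continue  # lines from other daemons, or without a resolved MAC
        mac, msg = entry["mac"], entry["msg"]
        if (start := START.search(msg)):
            open_requests[mac] = {"mac": mac, "user": start["user"],
                                  "searches": [], "role": None, "vlan": None}
            continue
        req = open_requests.get(mac)
        if req is None:
            continue
        if (found := FOUND.match(msg)):
            req["searches"].append((found["source"], found["rule"], int(found["n"])))
        elif (role := ROLE.search(msg)):
            req["role"] = role["role"]
        elif (accept := ACCEPT.search(msg)):
            req["vlan"] = accept["vlan"]
            # Flag only when LDAP rules were evaluated and none of them matched.
            if req["searches"] and all(n == 0 for _, _, n in req["searches"]):
                findings.append(req)
            del open_requests[mac]
    return findings


def _entry(level, mac, msg):
    # Helper that builds a constructed log line in the page's syslog format.
    return (f"Jan 10 09:03:07 pf01.example.com packetfence_httpd.aaa[100]: "
            f"httpd.aaa(99) {level}: [mac:{mac}] {msg}")


MAC_A, MAC_B = "00:00:5e:00:53:01", "00:00:5e:00:53:02"  # constructed MACs
REQ = ('handling radius autz request: from switch_ip => (192.0.2.11), '
       'connection_type => Wireless-802.11-EAP, username => "%s", '
       'ssid => Example_SSID (pf::radius::authorize)')

# Constructed sample: two interleaved requests, only the first has no LDAP match.
SAMPLE_LOG = "\n".join([
    _entry("INFO", MAC_A, REQ % "alice"),
    _entry("INFO", MAC_B, REQ % "bob"),
    _entry("DEBUG", MAC_A, "[LDAP_Users Ops] Found 0 results (pf::...)"),
    _entry("DEBUG", MAC_B, "[LDAP_Users Ops] Found 0 results (pf::...)"),
    _entry("DEBUG", MAC_A, "[LDAP_Users Wireless] Found 0 results (pf::...)"),
    _entry("DEBUG", MAC_B, "[LDAP_Users Wireless] Found 1 results (pf::...)"),
    _entry("DEBUG", MAC_A, "[LDAP_Machines Computer] Found 0 results (pf::...)"),
    _entry("INFO", MAC_A, "Username was defined \"alice\" - returning role 'ops' "
                          "(pf::role::getRegisteredRole)"),
    _entry("INFO", MAC_B, "Username was defined \"bob\" - returning role 'ops' "
                          "(pf::role::getRegisteredRole)"),
    _entry("INFO", MAC_A, "Returning ACCEPT with VLAN: 232 (pf::Switch::...)"),
    _entry("INFO", MAC_B, "Returning ACCEPT with VLAN: 232 (pf::Switch::...)"),
])

if __name__ == "__main__":
    for f in accepts_without_ldap_match(SAMPLE_LOG):
        rules = ", ".join(f"{s}/{r}" for s, r, _ in f["searches"])
        print(f"{f['mac']} user={f['user']} role={f['role']} vlan={f['vlan']} "
              f"accepted with 0 LDAP results in: {rules}")
```

Because mail archives wrap long lines, a log pasted from a message like the one above has to be rejoined into one entry per line before it is fed to this function.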