Hello Guys,

I am back again. I am having issues with Active Directory authentication, being that my user is able to authenticate but I get an error that says "You do not have permission to register a device with this username", as you can observe in the logs below:

Feb 13 11:04:45 pf packetfence_httpd.portal: httpd.portal(31025) INFO: [mac:00:11:22:00:00:51] User firstname.lastname has authenticated on the portal. (Class::MOP::Class:::after)
Feb 13 11:04:45 pf packetfence_httpd.portal: httpd.portal(31025) WARN: [mac:00:11:22:00:00:51] Calling match with empty/invalid rule class. Defaulting to 'authentication' (pf::authentication::match)
Feb 13 11:04:45 pf packetfence_httpd.portal: httpd.portal(31025) INFO: [mac:00:11:22:00:00:51] Using sources htbAD for matching (pf::authentication::match)
Feb 13 11:04:45 pf packetfence_httpd.portal: httpd.portal(31025) INFO: [mac:00:11:22:00:00:51] LDAP testing connection (pf::LDAP::expire_if)
Feb 13 11:04:45 pf packetfence_httpd.portal: httpd.portal(31025) INFO: [mac:00:11:22:00:00:51] Found source htbAD in session. (Class::MOP::Class:::around)

When I do pftest, the results can be found below:

/usr/local/pf/bin/pftest authentication firstname.lastname P@55w0rd htbAD
Testing authentication for " firstname.lastname"

Authenticating against 'htbAD' in context 'admin'
* Authentication SUCCEEDED against htbAD (Authentication successful.)*
* Did not match against htbAD for 'authentication' rules*
* Did not match against htbAD for 'administration' rules*

Authenticating against 'htbAD' in context 'portal'
* Authentication SUCCEEDED against htbAD (Authentication successful.)*
*Did not match against htbAD for 'authentication' rules*
* Did not match against htbAD for 'administration' rules*

I am wondering what is wrong with my config, as I have assigned only a role, which is staff, and an access duration of an hour. Below is a semblance of how my authentication.conf is laid out.

[htbAD]
cache_match=0
read_timeout=10
realms=
password=1
searchattributes=sAMAccountName
scope=sub
port=389
description=my HTB
write_timeout=5
type=AD
basedn=CN=Users,DC=mydomain,DC=htb
monitor=1
set_access_level_action=
shuffle=0
email_attribute=mail
usernameattribute=UserPrincipalName
connection_timeout=1
encryption=none
host=172.17.1.248
binddn=CN=Administrator,CN=Users,DC=mydomain,DC=htb

[htbAD rule my]
action0=set_access_level=ALL
match=any
class=administration
description=my

[htbAD rule myRule]
action0=set_role=Staff
condition0=memberOf,equals,Staff
match=any
class=authentication
action1=set_access_duration=1h
description=Rule