Re: [PacketFence-users] AD user group in the authentication source

[Zammit, Ludovic via PacketFence-users]

Hello EP,

You are correct.

memberof equals distinguishedName

Then test it out with the command:

/usr/local/pftest authentication USERNAME ""

Thanks,

Ludovic Zammit
Product Support Engineer Principal

Cell: +1.613.670.8432
Akamai Technologies - Inverse
145 Broadway
Cambridge, MA 02142
Connect with Us:         <https://community.akamai.com/>  
<http://blogs.akamai.com/>  <https://twitter.com/akamai>  
<http://www.facebook.com/AkamaiTechnologies>  
<http://www.linkedin.com/company/akamai-technologies>  
<http://www.youtube.com/user/akamaitechnologies?feature=results_main>

> On Nov 2, 2021, at 1:40 AM, E.P. via PacketFence-users 
> <packetfence-users@lists.sourceforge.net> wrote:
> 
> I dare asking a stupid question.
> What is the correct way to create a condition in the authentication source 
> based on AD to verify the user specific group membership.
> I created a condition based on “memberOf” attribute which is equal to the DN 
> of the group. It seems doesn’t apply or rather not verified.
> Any user from the AD domain who authenticates can connect via RADIUS.
>  
> Eugene
> _______________________________________________
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net 
> <mailto:PacketFence-users@lists.sourceforge.net>
> https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!DAgw4QqWZI5NrcPBSRsPu8nUUBMMcoUvesQY2YCsfVAFrf0rqfd5wWzKecm_P3cD$
>  
> <https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!DAgw4QqWZI5NrcPBSRsPu8nUUBMMcoUvesQY2YCsfVAFrf0rqfd5wWzKecm_P3cD$>

smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users