Got a little further today. We are using a Hybrid system. So we still have a local AD which syncs with Entra ID. I've noticed that I can't use security groups that were created on the Domain Controller and synced to our Intune tenant. If I use groups that were created on Entra in Azure it works.
Is this the expected behavior?

Best regards
Geert

On Mon 29 Apr 2024 at 16:32, Geert Heremans via PacketFence-users <packetfence-users@lists.sourceforge.net> wrote:

> Hello
>
> I've set up an Authentication Source connected to our Intune tenant. It's
> possible to check the credentials of users against this tenant.
>
> When I try to set up an authentication rule using the "memberof" property
> (trying to check if user is member of a specific group) it fails. The
> username and password are validated but PacketFence doesn't see if the
> user is part of the group.
>
> I've tried both using the group's member-id value as the normal name of the
> group. I've also both tried "contains" and "equals" as parameter.
>
> Where can I start to diagnose the problem? Anyone else had this problem?
>
> I've noticed the following in the API Audit screen:
>
> "user_groups_url": "https://graph.microsoft.com/v1.0/users/%!U(MISSING)SERNAME/memberOf"
>
> Is there something wrong with the URL?
>
> The users group URL in the authentication source is:
> https://graph.microsoft.com/v1.0/users/%USERNAME/memberOf
>
> Best regards
> Geert
> _______________________________________________
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users