Hello Ronald, Check the LDAP bind account provided, it probably have rights issue.
Thanks, Ludovic Zammit Product Support Engineer Principal Lead Cell: +1.613.670.8432 Akamai Technologies - Inverse 145 Broadway Cambridge, MA 02142 Connect with Us: <https://community.akamai.com/> <http://blogs.akamai.com/> <https://twitter.com/akamai> <http://www.facebook.com/AkamaiTechnologies> <http://www.linkedin.com/company/akamai-technologies> <http://www.youtube.com/user/akamaitechnologies?feature=results_main> > On Oct 9, 2024, at 1:46 AM, Zestermann, Ronald via PacketFence-users > <packetfence-users@lists.sourceforge.net> wrote: > > !-------------------------------------------------------------------| > This Message Is From an External Sender > This message came from outside your organization. > |-------------------------------------------------------------------! > > Hi community, > > we use PackageFence version 11 and authenticate to the CaptivePortal against > RADIUS on a Windows Server 2016 (AD). Everything worked fine and we have not > made any changes. Since about 1 week the login to the Captive Portal is no > longer possible. After logging in, the user gets this message: > > "Unable to validate credentials at the moment" > > On the RADUIS server, the login attempt appears in the log and is also > approved there. I have analyzed the network traffic with Wireshark and > everything works fine: > > 18 23.041211 1xx.xxx.xxx.2 1xx.xxx.xxx.13 RADIUS 98 > Access-Request id=157 > 19 23.047808 1xx.xxx.xxx.13 1xx.xxx.xxx.2 RADIUS 162 > Access-Accept id=157 > > At the PacketFence I used > > /usr/local/pf/bin/pftest authentication KNOWN_USER KNOWN_PASS > > and the correct authentication source is also resolved, but the same error > message appears: > > Authenticating against 'RADIUS_PIR-DC01' in context 'portal' > Authentication FAILED against RADIUS_PIR-DC01 (Unable to validate > credentials at the moment) <--- same error as on WebUI > Matched against RADIUS_PIR-DC01 for 'authentication' rule Default_Settings > set_role : default > set_access_duration : 12h > Did not match against RADIUS_PIR-DC01 for 'administration' rules > > How can I solve the problem or better narrow it down? Does anyone have a good > idea? > > best regards > mit besten Grüßen > > Ronald Zestermann > > > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!UMIrcjZpYdWPa73w33xQH1JRSBg_aSxXAAAAxKwAalNoEyLl0yYc4btOCjd7SH0BFrjdBSGJ1JjafRgmH953nPhbHqLI2OOFjNkADg$
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
