I seem to be getting: Failed to obtain groups for [Correct login omitted]: 400 Bad Request (pf::Authentication::Source::AzureADSource::get_memberOf)
Not sure why or when this started, but I suspect that this is why I am no longer getting my groups to work. This was occurring. The above came from packetfence.log.

Again, anywhere I can further troubleshoot this issue?

Also, why am I unable to authenticate admins against Azure AD? <- Connected to above?

Jeremy Yoke
IT Manager
TREALITY(r) Simulation Visual Systems

From: Jeremy Yoke via PacketFence-users <[email protected]>
Sent: Tuesday, June 17, 2025 2:41 PM
To: [email protected]
Cc: Jeremy Yoke <[email protected]>
Subject: [PacketFence-users] Admin Login against Azure AD

Hello,

I would appreciate any pointers or help I may be able to receive on my issue.

I am running PF Version 14.1 installed via the ISO. I have all clients, wired, wireless, guest and internal, logging in with no notable issues. Internal is using Azure AD set up for machine authentication with EAP-TLS for company owned, Azure AD User Auth for BYOD, and a mix of sources for guest.

The issue I am trying to overcome is being able to assign rights to users for Admin Portal login. I followed the guide, but it's not working. I will explain in some detail.

I am able to use the built-in account - no issue
I tried against my Azure AD account from the normal site - ERROR Received: Wasn't able to authenticate those credentials
  I believed as this is listed as internal it would work, but it did not.
I set up SSO per the documentation.
  Used the Single Sign On button -> Redirects to portal -> Error Received: You don't have enough privileges to login
OK good, so I try to set this up in my user account Actions Tab
  Email is not populated and therefore won't save.
  Populated email, set a registration date from yesterday to +10 years, Action -> Access Level : ALL, then save
  Used the Single Sign On button -> Redirects to portal -> Error Received: You don't have enough privileges to login
  Check User, none of the above was saved (tried this a few times)
Added the actions to the Azure AD Source in the Administration Rules -> Same as above
  One based on AD membership
  One added as username equals [email protected]

So, things I have noted as peculiar:

My info - email, first/last name - is not in the user record for my account.
Unable to apply the role to my account either from the user tab or via the authentication source
If I manually set the fields they are erased (items such as phone number and Company do remain). Is my source overwriting with blank values?

In the process of trying to resolve this, my memberships no longer seem to be found (was working for both machine and user) on client authentication. I am having trouble recognizing which log to use to troubleshoot this, so even that would be of help.

Any other ideas of things I may be missing would be huge too.

Kind Regards,

Jeremy Yoke
IT Manager
TREALITY(r) Simulation Visual Systems
600 Bellbrook Ave.
Xenia, Ohio 45385
Cell: +1 (937) 901 5684
[email protected]
www.TREALITYSVS.com
