HI Fabrice,
Like you said, the authentication fails with "\\" but work with
"" (see the test below).
Adding the Realm the authentication works correctly. Thaks for your help.
# ./pftest authentication \\ ad-banco
Testing authentication for "\"
Authenticating a
Ok so based on the log, Autoreg has been enabled but the username doen't
match, i think that it try to match with samaccountname=\\ and
not samaccountname=
So can you try to add as realm in packetfence (Configuration ->
Realm) and in the ad.domain.com select use stripped usernam
No problem,
Now the log shows
Apr 03 12:04:05 httpd.aaa(11755) INFO: [44:37:e6:e3:86:1f] handling radius
autz request: from switch_ip => (x.x.x.x), connection_type =>
Ethernet-EAP,switch_mac => (Unknown), mac => [44:37:e6:e3:86:1f], port =>
10001, username => "\\" (pf::radius::authorize)
Hello Sergio,
sorry for the delay.
So based on your config, you must define an access duration:
[ad.domain.com rule Usuarios]
description= Users
match=all
action0=set_role=Usuario
action1=set_access_duration=1D
Retry and let me know.
Regards
Fabrice
Le 2015-04-02 18:41, Sergio Martinez Tagl
One more detail, I have moved the ldap source (in the web admin interface)
at the top position, but the ldap still unused.
El abr 2, 2015 6:15 PM, "Sergio Martinez Tagliafico"
escribió:
>
> Sorry about the nameS of roles and domain used, I did not changed all of
them.
>
> thanks.
>
> 2015-04-02 1
Here you are,
Initialy vlan_filters.conf was empty and the authorization request still
does not use ldap source (the log is attached)
Thaks
vlan_filters.conf:
[EthernetEAP]
filter = connection_type
operator = match
value = Et
Sorry about the nameS of roles and domain used, I did not changed all of
them.
thanks.
2015-04-02 18:07 GMT-03:00 Sergio Martinez Tagliafico :
> Here you are,
>
> Initialy vlan_filters.conf was empty and the authorization request still
> does not use ldap source (the log is attached)
>
> Thaks
>
Ok so you use vlan_filter too, so i need more details.
Can you provide these files:
vlan_filters.conf
profile.conf
authentication.conf
Regards
Fabrice
Le 2015-04-02 16:07, Sergio Martinez Tagliafico a écrit :
I have defined the filter with a ldap source (from the portal profile
preview the aut
I have defined the filter with a ldap source (from the portal profile
preview the authz run fine) but the internal source is not used.
[default]
description=Default Profile
logo=/common/packetfence-cp.png
billing_engine=disabled
redirecturl=http://www.packetfence.org/
always_use_redirecturl=disabl
Hello Sergio,
let's configure a portal profile with filter switch : x.x.x.x and add
the ldap source on it and retry.
Regards
Fabrice
Le 2015-04-02 15:07, Sergio Martinez Tagliafico a écrit :
Hi friends,
I am in my first experience with packetfence and i am getting some issues.
One of thos
Hi friends,
I am in my first experience with packetfence and i am getting some issues.
One of those is that I do not undertand why with 802.1x dos not use
internal sources. Below is the log when radius handle an authz request:
Apr 02 15:29:21 httpd.aaa(3355) INFO: [44:37:e6:x:x:x] handling radiu
11 matches
Mail list logo
