it tomorrow from office
From: Andrew Jones via PacketFence-users
Sent: Monday, November 08, 2021 7:27 PM
To: packetfence-users@lists.sourceforge.net
Cc: Andrew Jones
Subject: Re: [PacketFence-users] AD user group in the authentication source
On 2021-11-09 09:46, E.P. via PacketFence-users
Hi Eugene,
I hope it works. Don't forget to make sure that the catch-all rule comes
_after_ the one that matches the wifi group, because the first rule that
matches wins.
Thanks,
Andrew
On 2021-11-10 14:02, E.P. wrote:
Thank you, Andrew,
This is exactly what I tried when Ludovic replied me
On 2021-11-09 09:46, E.P. via PacketFence-users wrote:
Hello,
Trying to reach out again in the attempt to get some ideas or
insights.
My problems are still the same with conditions in the authentication
source.
Problem number one.
I want to have an authentication rule that looks like this
, 2021 11:50 PM
To: 'Aaron Zuercher'
Cc: packetfence-users@lists.sourceforge.net
Subject: RE: [PacketFence-users] AD user group in the authentication source
Aaron, it seems we are getting closer to the solution of the riddle.
I changed my authentication rules to match yours, i.e. Matches ALL
PTIONS-AD-SOURCE (Authentication
> successful.)
>
> Matched against OPTIONS-AD-SOURCE for 'authentication' rule Staff-WiFi
>
> set_role : Staff-WiFi
>
> set_unreg_date : 2022-12-31
>
> Did not match against OPTIONS-AD-SOURCE for 'administration' rules
>
>
>
, November 02, 2021 12:26 PM
To: E.P.
Cc: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] AD user group in the authentication source
try memberOF equals
also my rules are set to MATCHES: ALL
not sure if that would matter
On Tue, Nov 2, 2021 at 1:01 PM E.P
unreg_date : 2022-12-31
Did not match against OPTIONS-AD-SOURCE for 'administration' rules
Eugene
From: Aaron Zuercher
Sent: Tuesday, November 02, 2021 10:52 AM
To: packetfence-users@lists.sourceforge.net
Cc: E.P.
Subject: Re: [PacketFence-users] AD user group in the authentication sourc
Hello EP,
You are correct.
memberof equals distinguishedName
Then test it out with the command:
/usr/local/pftest authentication USERNAME ""
Thanks,
Ludovic Zammit
Product Support Engineer Principal
Cell: +1.613.670.8432
Akamai Technologies - Inverse
145 Broadway
Cambridge, MA 02142
Connect
not match against OPTIONS-AD-SOURCE for 'administration' rules
>
>
>
> Eugene
>
>
>
> *From:* Aaron Zuercher
> *Sent:* Tuesday, November 02, 2021 10:52 AM
> *To:* packetfence-users@lists.sourceforge.net
> *Cc:* E.P.
> *Subject:* Re: [PacketFence-users] AD user
Mine is setup for memberOf equals "full DN of Group"
Aaron
On Tue, Nov 2, 2021 at 3:26 AM E.P. via PacketFence-users <
packetfence-users@lists.sourceforge.net> wrote:
> I dare asking a stupid question.
>
> What is the correct way to create a condition in the authentication source
> based on AD
I dare asking a stupid question.
What is the correct way to create a condition in the authentication source
based on AD to verify the user specific group membership.
I created a condition based on "memberOf" attribute which is equal to the DN
of the group. It seems doesn't apply or rather not
11 matches
Mail list logo
