Dear community,

I have been setting up and testing out PacketFence for a number of weeks now and have it set up so that users can authenticate to our BYOD network using EAP-TLS. I also have it sort of set up to allow school AzureAD devices to connect to our curriculum network using machine certificates. The second part only works if I don't set any conditions under my AzureAD authentication sources.

I have tried to set a condition for membership of an AzureAD group using the memberof option, either with the Object ID of the group or its display name, but it doesn't seem to work. No role gets assigned, so it fails to connect. There doesn't even seem to be any audit log of PacketFence trying to query a group on the app registration end. I know I can query the Graph API via Graph Explorer and can find the groups my machine belongs to, but can PacketFence do something similar and, if so, how?

The query that I used:

https://graph.microsoft.com/v1.0//devices(deviceId='{deviceid}')/memberOf

Regards
Corey Keeling | Senior IT Technician
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users