Hosts however would have to be joined by an admin?
They also wouldnt be very IPA aware and stable from what I can see, ie joining
a non-RH OS to IPA just looks an awful nightmare especially for 10000+ devices
plus with 3 different OSes at least (IOS, Win, Android, linux and apple and
windows laptops plus others) and multiple versions and patch levels.....um no,
insanity beckons, LOL.
I am still trying to figure out what is wanted so I am vague because so are
criteria and I have never done this before.
All I have is,
free, open source,
The idea is that an employee can have a zero config access / sign in to wifi
for their device once initially connected.
The solution must be robust and available ie close to 99.999% availability.
IPA can do this as the backend and yes PF can use LDAP hence my interest.
Packet fence can be active/passive HA so its possible. Virtualised across
multiple ESXi hosts and SANs.
I have a RFE in for a IPA howto section to be added to the PF manual as even
the openldap section is empty. Or I might try and write it if I get the go
The PF servers would be RHEL6.6 so Im hoping adding a service in IPA will
From: freeipa-users-boun...@redhat.com <freeipa-users-boun...@redhat.com> on
behalf of Dmitri Pal <d...@redhat.com>
Sent: Thursday, 12 March 2015 9:15 a.m.
Subject: Re: [Freeipa-users] Extending IPA to include multiple (say 5) fields
for MAC addresses per user
On 03/11/2015 03:43 PM, Steven Jones wrote:
I have been asked to look at packetfence and linking it to IPA for
authentication but I might need to allow users to login into their IPA info and
add MAC addresses themselves, this is possible I think?
Since ppl these days can have 3 mobile devices, (ipad, iphone and laptop) I
would need multiple MAC fields so would have to extend IPA's schema? is this a
I would treat the devices as hosts rather than extend user schema.
But can you explain the use case and what you have in mind.
Based on the PF site they support different LDAP servers for authentication so
I am not sure any schema change would be needed.
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project