Hello Ludovic, thank you for your feedback. Unfortunately, the reference to LDAP does not apply to us.
PacketFence has no connection to ActiveDirectory and no LDAP connections. There is only one “Internal Source” under “Authentication Sources” and this represents the RADIUS connection to a Windows RADIUS server. Nothing else is configured with regard to authentication. best regards mit besten Grüßen Ronald Zestermann -----Ursprüngliche Nachricht----- Von: Zammit, Ludovic <luza...@akamai.com> Gesendet: Mittwoch, 16. Oktober 2024 23:03 An: PacketFence-users <packetfence-users@lists.sourceforge.net> Cc: Zestermann, Ronald <ronald.zesterm...@landratsamt-pirna.de> Betreff: Re: [PacketFence-users] CaptivePortal - Unable to validate credentials at the moment SecureMail Gateway des Freistaates Sachsen Informationen zum Status dieser E-Mail: - Die ganze Nachricht wurde unterschrieben von "luzammi" <luza...@akamai.com> AkamaiClientCA Digitale Unterschrift nicht prüfbar - Nachrichteninhalt unverfälscht - Zertifikat nicht prüfbar Hello Ronald, Check the LDAP bind account provided, it probably have rights issue. Thanks, Ludovic Zammit Product Support Engineer Principal Lead <https://www.akamai.com/us/en/multimedia/images/custom/2019/logo-no-tag-93x45.png> Cell: +1.613.670.8432 Akamai Technologies - Inverse 145 Broadway Cambridge, MA 02142 Connect with Us: <https://community.akamai.com> <http://blogs.akamai.com> <https://twitter.com/akamai> <http://www.facebook.com/AkamaiTechnologies> <http://www.linkedin.com/company/akamai-technologies> <http://www.youtube.com/user/akamaitechnologies?feature=results_main> On Oct 9, 2024, at 1:46 AM, Zestermann, Ronald via PacketFence-users <packetfence-users@lists.sourceforge.net> wrote: !-------------------------------------------------------------------| This Message Is From an External Sender This message came from outside your organization. |-------------------------------------------------------------------! Hi community, we use PackageFence version 11 and authenticate to the CaptivePortal against RADIUS on a Windows Server 2016 (AD). Everything worked fine and we have not made any changes. Since about 1 week the login to the Captive Portal is no longer possible. After logging in, the user gets this message: "Unable to validate credentials at the moment" On the RADUIS server, the login attempt appears in the log and is also approved there. I have analyzed the network traffic with Wireshark and everything works fine: 18 23.041211 1xx.xxx.xxx.2 1xx.xxx.xxx.13 RADIUS 98 Access-Request id=157 19 23.047808 1xx.xxx.xxx.13 1xx.xxx.xxx.2 RADIUS 162 Access-Accept id=157 At the PacketFence I used /usr/local/pf/bin/pftest authentication KNOWN_USER KNOWN_PASS and the correct authentication source is also resolved, but the same error message appears: Authenticating against 'RADIUS_PIR-DC01' in context 'portal' Authentication FAILED against RADIUS_PIR-DC01 (Unable to validate credentials at the moment) <--- same error as on WebUI Matched against RADIUS_PIR-DC01 for 'authentication' rule Default_Settings set_role : default set_access_duration : 12h Did not match against RADIUS_PIR-DC01 for 'administration' rules How can I solve the problem or better narrow it down? Does anyone have a good idea? best regards mit besten Grüßen Ronald Zestermann _______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!UMIrcjZpYdWPa73w33xQH1JRSBg_aSxXAAAAxKwAalNoEyLl0yYc4btOCjd7SH0BFrjdBSGJ1JjafRgmH953nPhbHqLI2OOFjNkADg$ _______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
