On 17/05/11 10:01 AM, Sallee, Stephen (Jake) wrote: > I agree that if the users were on the local box authen::local would be the > best choice, but all of my users are in our AD. What I need the captive > portal to do is authenticate them against our AD and assign them a vlan based > on the domain in the username.
AD authentication should be done with the authentication::ldap module. I'm pretty sure it's covered in one of our guides. Domain-based VLAN assignment will need a bit more work. You could: a) create several authenti...:ldap with one for each domain and there would be a drop down available on the captive portal to chose the domain then you alter the pf::web::custom to categorize the nodes properly then modify pf::vlan::custom to return VLANs based on said categories b) - add something in pf::web::custom to categorize the node based on domain using a regexp on the username then modify pf::vlan::custom to return VLANs based on said categories -- Olivier Bilodeau [email protected] :: +1.514.447.4918 *115 :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ Achieve unprecedented app performance and reliability What every C/C++ and Fortran developer should know. Learn how Intel has extended the reach of its next-generation tools to help boost performance applications - inlcuding clusters. http://p.sf.net/sfu/intel-dev2devmay _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
