Arthur -- Thank you for chiming in. In fact this was the case. I had tested it out last night and figured out that the attribute would need to be "mail" for the email address.
Now the one thing I'm thinking about is the $LDAPUserKey --- ideally I would like it also to be MAIL so that I can rig the portal just to ask the user to type in their email address once, instead of having two separate "sponsor" and "email" addresses. I haven't dug too much into the page generation code though... Thomas -----Original Message----- From: Arthur Emerson III [mailto:arthur.emer...@msmc.edu] Sent: Thursday, February 07, 2013 6:40 AM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Problems with Guest Sponsor Login portal Durand Fabrice <fdur...@inverse.ca> wrote: > > PacketFence is not able to find t...@mydomain.com in your ldap. > So i suppose that your $LDAPUserKey is false. If the LDAP directory you are using is Microsoft AD, I had problems with some of the recommended PF defaults for LDAP authentication. If I recall correctly, this was the problem line: my $LDAPSponsorUserKey = "userPrincipalName"; In AD, userPrincipalName looks an awful lot like an e-mail address with its logo...@domain.tld format. If your mail system uses any other e-mail address format (such as first.l...@domain.tld), this line causes the sponsor verification to fail upon LDAP logon because it isn't the same as the "mail" field. These are the current lines from our running ldap.pm file: my $LDAPUserKey = "sAMAccountName"; my $LDAPSponsorUserKey = "mail"; Let me throw in a disclaimer that I did some testing of the sponsorship feature with these settings, but we decided not to deploy the option for the time being. I don't think it was ever tested in our final deployment, so YMMV... -Arthur ------------------------------------------------------------------------- Arthur Emerson III Email: emer...@msmc.edu Network Administrator InterNIC: AE81 Mount Saint Mary College MaBell: (845) 561-0800 Ext. 3109 330 Powell Ave. Fax: (845) 562-6762 Newburgh, NY 12550 SneakerNet: Aquinas Hall Room 11 ------------------------------------------------------------------------------ Free Next-Gen Firewall Hardware Offer Buy your Sophos next-gen firewall before the end March 2013 and get the hardware for free! Learn more. http://p.sf.net/sfu/sophos-d2d-feb _______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users ********************************************** Email Disclaimer: This email, including attachments, may contain proprietary, confidential or privileged information. If you are not the intended recipient, please (i) do not use, disclose, save or retransmit this message or any attachments, (ii) alert the sender by reply email and (iii) destroy or delete this message and any attachments. Delivery of this email to a person other than the intended recipient(s) shall not constitute a waiver of privilege or confidentiality. CP Investments, member FINRA and SIPC, serves as placement agent for investment products advised by Canyon Capital Advisors LLC. This email is not intended to be an offer to sell or a solicitation of an offer to buy any security in any jurisdiction. We review and retain electronic communications traveling through our network. ********************************************** ------------------------------------------------------------------------------ Free Next-Gen Firewall Hardware Offer Buy your Sophos next-gen firewall before the end March 2013 and get the hardware for free! Learn more. http://p.sf.net/sfu/sophos-d2d-feb _______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
