Re: [PacketFence-users] AD/LDAP Rules

Tue, 18 Jun 2013 10:29:52 -0700 

Good call.  Seems to work like a champ.  I was initially worried about
objects not being found as it fell through the auth layers.   Seems to work
though.  Thanks!


On Mon, Jun 17, 2013 at 3:51 PM, Don Greer <[email protected]> wrote:

>    Tim,****
>
>   I’m not an expert here, but couldn’t you make multiple AD sources, one
> for each OU?  E.g. “AD1-FOO” with Base DN “OU=FOO,DC=mcc,DC=edu” and
> “AD1-BAR” with Base DN “OU=BAR,DC=mcc,DC=edu”?  Each would would have a
> scope of “subtree” and a matches-all rule that does the appropriate “Set
> role”, etc.****
>
>   Of course, if you have “OU=FAP,OU=FOO,DC=mcc,DC=edu” then you’re not
> going to be able to use “subtree” as the scope, but a little experimenting
> will probably get you through that.****
>
>   Hope that’s helpful.****
>
>   Don****
>
> ** **
>
> *From:* Tim DeNike [mailto:[email protected]]
> *Sent:* Monday, June 17, 2013 10:50 AM
> *To:* [email protected]
> *Subject:* [PacketFence-users] AD/LDAP Rules****
>
> ** **
>
> Deploying Packetfence in an AD environment with about 80,000 users.  We
> have users divided up into different OUs.  I dont see a way to make a rule
> act on the OU of the user, or match distinguishedname "contains".****
>
> ** **
>
> A great deal of the users are only a member of the OU, and not a member of
> any additional groups, so we have no good way to match then to divide them
> into different roles.  The roles we have created actually match the OUs
> perfectly.  Going back and assigning dummy groups to 80,000 users really
> isnt in the cards.****
>
> ** **
>
> Any ideas?****
>
>
> ------------------------------------------------------------------------------
> This SF.net email is sponsored by Windows:
>
> Build for Windows Store.
>
> http://p.sf.net/sfu/windows-dev2dev
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>

------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:

Build for Windows Store.

http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to