Nada, same error:
This is the only thing I can find in the logs, and it isn't from the
last time I tried, so it may just be a one-off error. I searched the
entire logs directory.
Jun 25 09:22:40 register.cgi(0) INFO: Invalid LDAP search query
((sAMAccountName=berlintest)).
(pf::Authentication::Source::LDAPSource::authenticate)
The end of the log is this:
Jun 26 09:29:13 pfdhcplistener(19621) INFO: d4:be:d9:bf:7f:bf requested
an IP. DHCP Fingerprint: OS::107 (Microsoft Windows Vista/7 or Server
2008). Modified node with last_dhcp = 2013-06-26 09:29:13,computername =
berlina-dev,dhcp_fingerprint = 1,15,3,6,44,46,47,31,33,121,249,43
(main::listen_dhcp)
Jun 26 09:29:13 pfdhcplistener(19621) DEBUG: sending VENDORMAC::13942489
trigger (pf::node::node_mac_wakeup)
Jun 26 09:29:13 pfdhcplistener(19621) DEBUG: violation not added, no
trigger found for vendormac::13942489 or violation is disabled
(pf::violation::violation_trigger)
Jun 26 09:29:13 pfdhcplistener(19621) DEBUG: sending
MAC::233916162080703 trigger (pf::node::node_mac_wakeup)
Jun 26 09:29:13 pfdhcplistener(19621) DEBUG: violation not added, no
trigger found for mac::233916162080703 or violation is disabled
(pf::violation::violation_trigger)
Jun 26 09:29:13 pfdhcplistener(19621) INFO: DHCPACK from 10.9.1.10
(00:50:56:8e:1b:88) to host d4:be:d9:bf:7f:bf (10.9.1.11) for 30 seconds
(main::parse_dhcp_ack)
Jun 26 09:29:13 pfdhcplistener(19621) DEBUG: 10.9.1.11 &&
d4:be:d9:bf:7f:bf (main::update_iplog)
Jun 26 09:29:13 pfdhcplistener(19621) DEBUG: updating end_time for
(d4:be:d9:bf:7f:bf - 10.9.1.11) (pf::iplog::iplog_open)
Amanda Berlin
From: Ray Cannon [mailto:[email protected]]
Sent: Tuesday, June 25, 2013 1:29 PM
To: [email protected]
Subject: Re: [PacketFence-users] 4.0.1 and AD configuration
I believe your condition should include the full ldap path and look
something like this:
condition0=memberOf,equals,CN=PacketFence,OU=Security
Groups,OU=Groups,DC=syb,DC=net
From: Berlin, Amanda - Information Systems
[mailto:[email protected]]
Sent: Tuesday, June 25, 2013 10:59 AM
To: [email protected]
Subject: [PacketFence-users] 4.0.1 and AD configuration
Hello All,
I've been trying to get this to work for some time now and I'm not
getting anywhere. I have version 4.0.1 running and I'm trying to get two
separate sources setup.
Source 1: Internal, AD
Source 2: External, Email sponsor
Here is my authentication.conf
[local]
description=Local Users
type=SQL
[VendorAccess_Source]
description=VendorAccess_Source
email_activation_timeout=20m
type=Email
allow_localdomain=1
[firelands.localAD]
description=Firelands.local AD
password=mypasswordhere
scope=sub
[email protected]
basedn=DC=firelands,DC=local
usernameattribute=sAMAccountName
encryption=none
port=389
type=AD
host=firelands.local
[VendorAccess_Source rule VendorAccess_Rule]
description=VendorAccess_Rule
match=all
action0=set_role=VendorAccess
[firelands.localAD rule EmployeeAccessRule]
description=EmployeeAccessRule
match=all
action0=set_role=EmployeeAccess
action1=set_access_duration=1h
condition0=memberOf,equals,PacketFence
On my switch I have the VendorAccess and EmployeeAccess set to go to
different Vlans. The error I get whenever I try and login with a user
that is member of the PacketFence group in AD is "Username/Password
incorrect for all authentication sources". When I test my source it
comes back saying that the test was successful. I'm combing through the
logs, but I haven't found anything yet. Thoughts? Suggestions? I'm stuck
L
Amanda Berlin
Email transmission cannot be guaranteed to be secure or error free as
information could be intercepted, corrupted, lost, destroyed, arrive
late or contain viruses.
The sender, therefore, does not accept liability for any errors or
omissions in the contents of this message, which arise as a result of
email transmission.
The information in this email is confidential, may be privileged, and is
intended solely for the addressee. Access to this email by anyone else
is unauthorized.
If you are not the intended recipient or a person authorized to deliver
it to the named addressee, do not read, copy, retain, or disseminate
this message or any
attachment. If you have received this email in error, please reply to
the message immediately to inform the sender that the message was
misdirected.
After replying, please delete the message from your computer system.
------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:
Build for Windows Store.
http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
