Hi Christopher On 2013-06-11, at 6:44 AM, Christopher Parker <[email protected]> wrote:
> I work for a local government authority in the uk and we are trying to > develop a simple BYOD solution for our schools. We have an almost complete > prototype built using PacketFence 3.x but we were interested in some of the > new features in PF4 and so we developed a parallel system to test it out. For > the prototypes, we have been concentrating only on an inline enforced system. > We plan to look at VLAN enforcement in the future. > > Active Directory integration is a must for our system as is guest access and > we really like the guest sponsorship model which can be used to authorise > guests but have had some trouble getting it to work correctly in PF4 - > hopefully someone can offer us some advice. > > The structure of our system is a little unusual because of its nature. I have > replaced our real domain names with examples which should illustrate our > structure. Our internal users have email address such as [email protected] and > so we set up our PacketFence server on a domain1.org domain. Our active > directory domain is different to our email domain and is in the format > subdomainB.subdomainA.domain2.org (notice the domain2 not domain1). Our admin > users sit in the AD domain subdomainA.domain2.org. > > We have PacketFence (both versions) working brilliantly with our active > directory structure but the guest sponsorship is causing us problems. > Whenever a user attempts to register for guest access and enters > [email protected] as the sponsorship email, they are informed that this user > is not allowed to sponsor access. This was easily remedied in PF3.x by > executing the following command on the PF server: htpasswd -d > /usr/local/pf/conf/user.conf admin in conjunction with setting the > sponsor_authentication=guest_managers setting in our pf.conf > > However, this does not work on PF4 and adding the sponsor_authentication line > to pf.conf causes errors. I have tried configuring roles in PF4 with actions > of 'mark as sponsor' and it doesn't seem to do anything. In addition to this, > on the configuration -> portal profiles -> default page, guest sponsorship > does not seem to be an option in the 'modes' box - we have had to add it in > the pf.conf manually. There were some issues with sponsorship that have been fixed. They will be part of release 4.0.2. > Could you give me a quick rundown of how the new user roles and sources work > with guest management and sponsorship to see if we are doing something wrong > or are these features not available or functioning in PF4? We would really > like to use v4 but at the moment we are forced to revert to 3.x. > > Also, where has the guest management portal gone in PF4? This was useful as > we could allow certain users to only manage guests and not the portal itself. > Is there an equivalent in PF4? You can create users from the Configuration section of the web admin. You'll find a link named "Create" under the Users section on the left navigation bar. Francis -- [email protected] :: +1.514.755.3640 :: http://www.inverse.ca Inverse :: Leaders behind SOGo (http://sogo.nu) and PacketFence (http://packetfence.org) ------------------------------------------------------------------------------ See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
