Francis, Ok, here you go. ===================== [local] description=Local Users type=SQL
[file1] description=Legacy Source path=/usr/local/pf/conf/admin.conf type=Htpasswd [file1 rule admins] description=All admins match=any action0=set_access_level=4294967295 condition0=username,equals,admin [sms] description=SMS-based registration sms_carriers=100056,100057,100061,100058,100059,100060,100062,100063,100071,100064,100116,100066,100117,100112,100067,100065,100068,100069,100070,100118,100115,100072,100073,100074,100075,100076,100077,100085,100086,100080,100079,100081,100083,100082,100084,100087,100088,100111,100089,100090,100091,100092,100093,100094,100095,100096,100098,100097,100099,100100,100101,100113,100102,100103,100104,100106,100105,100107,100108,100109,100114,100110,100078 type=SMS [sms rule catchall] description= match=all action0=set_role=guest action1=set_unreg_date=2015-03-01 [email] description=Email/sponsor-based registration email_activation_timeout=10m type=Email allow_localdomain=1 [email rule catchall] description= match=all action0=set_role=guest action1=set_unreg_date=2016-03-01 [FreeRADIUS] description=Hit the local FreeRADIUS server secret=testing123 port=18120 type=RADIUS host=127.0.0.1 [FreeRADIUS rule Employees] description=Let 'em in! match=all action0=set_role=default action1=set_access_duration=1h condition0=connection_type,is,Wireless-802.11-EAP condition1=SSID,starts,BasicEmployees [FreeRADIUS rule IPPhoneTest] description=Test Cell Phone Network match=all action0=set_role=CellPhone action1=set_access_duration=1D condition0=connection_type,is,Wireless-802.11-EAP condition1=SSID,starts,IT-Phone-Test [ad1-Sponsors] description=DPT AD Server password=s0ftserv scope=sub binddn=Services Admin basedn=DC=dpt,DC=DFB,DC=NET usernameattribute=mail encryption=none port=389 type=AD host=10.5.18.254 [ad1-Sponsors rule Sponsors] description=Sponsors match=all action0=mark_as_sponsor=1 [DPT-Sponsors] description=DPT Employees sponsoring Guests type=SponsorEmail [DPT-Sponsors rule SponsoredGuests] description=Set Sponsored users to Guest status match=all action0=set_role=guest action1=set_access_duration=5D [ad1] description=Direct Authentication to AD Servers password=s0ftserv scope=sub binddn=Services Admin basedn=DC=dpt,DC=DFB,DC=NET usernameattribute=sAMAccountName encryption=none port=389 type=AD host=10.5.18.254 [ad1 rule DomainUsers] description=Allow Domain Users to Log In match=all action0=set_role=default action1=set_access_duration=5D [DummyLogin] description=This is a login file with a dummy login for the Sponsor's page path=/usr/local/pf/conf/dummyLogin type=Htpasswd [DummyLogin rule SponsorAcceptance] description=If we get here, go ahead and let the guest in. match=all action0=mark_as_sponsor=1 ================= I've had sponsors working since y'all helped me on 4.0.1. It worked through 4.0.3 (although there were a few little hiccups along the way :^). My config may look a little strange because it was important that people be able to authorize with one click from their smart phones, so I created a dummy login file and changed the template in the profile so a dummy username and password were preloaded on the web form for the authorizer. It was decided that the fact that the message got to their secured email box and they were expecting it would be sufficient proof that they were the correct person to authorize the guest. Looking at the logs, as it stands today, it is getting the username from the email (which it actually gets the email address for the username as it's entered in AD, that seems kinda strange) but it fails to accept that email address as being valid for the domain. For instance, when I test it with my personal computer, I enter my personal data, and "[email protected]" for the sponsor. This works fine in 4.0.3, but in 4.0.4 it says "[email protected]" isn't a valid sponsor. Looking at the logs shows that it finds the user in AD, but still fails. I messed with this all day today, then rolled back to 4.0.3 when I left. I saved my work, so I can try again tomorrow, but without two clues to rub together, I'm not making much progress I'm afraid. Thanks for any help you can give me. I'm sure you'll find something fairly obvious wrong and I'll feel dumb, but that's better than making the bruise on my forehead bigger from banging it on the wall any longer :^). Don -----Original Message----- From: Francis Lachapelle [mailto:[email protected]] Sent: Tuesday, August 06, 2013 1:44 PM To: [email protected] Subject: Re: [PacketFence-users] 4.0.4: Possible Bug in Sponsored Registration (maybe other guest registration) Hi Don On 2013-08-06, at 12:52 PM, Don Greer <[email protected]> wrote: > Not sure if this is a fix, or a work around, but I got past this error by > changing line 189 in ./pf/lib/pf/web/guest.pm to the following: > if ($source && (ref($source) ne 'ARRAY')) { > This simply ignores the source if it doesn't return an array > reference. Yes, I know, this is probably the wrong thing to do :^) But yet, it will work. We'll come up with a cleaner fix. > Then I get to the next hurdle, which is I no longer match the condition > "mark_as_sponsor". I've tried very combination I can think of. On the > profile, I have a rule to define the guest, and a rule to define the > authentication of the sponsor users, but NOT a rule that explicitly sets up > the "mark_as_sponsor". Do I now need to add this? The sponsors need to be able to authenticate but also require to have the action "mark as sponsor". Can you share your authentication.conf file? FYI, the sponsor email address is validated by the "mark as sponsor" action when the guest submit the self-registration form. When the sponsor clicks on the activation link she/he received by email, PacketFence only makes sure the user is or can authenticate. > Thanks. > Don > > From: Don Greer [mailto:[email protected]] > Sent: Tuesday, August 06, 2013 8:45 AM > To: [email protected] > Subject: [PacketFence-users] 4.0.4: Possible Bug in Sponsored > Registration (maybe other guest registration) > > After upgrading to 4.0.4, when testing the Sponsored Registration, I get > the following error after entering my registration info: > [URL: https://pf.../signup?mode=guest-register] > Software Error: > Not a HASH reference at /usr/local/pf/lib/pf/web/guest.pm line 189 For > help, please send mail to the webmaster .... > > From the portal_error_log: > [Tue Aug 06 08:34:56 2013] [error] [Tue Aug 6 08:34:56 2013] -e: Not > a HASH reference at /usr/local/pf/lib/pf/web/guest.pm line 189.\n [Tue Aug 6 > 08:34:56 2013] -e: Constant subroutine > ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_guest_2dselfregistration_2ecgi::UCHAR_MAX > redefined at /usr/lib64/perl5/ModPerl/Util.pm line 69. > [Tue Aug 6 08:34:56 2013] -e: Constant subroutine > ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_guest_2dselfregistration_2ecgi::SIGQUIT > redefined at /usr/lib64/perl5/ModPerl/Util.pm line 69. > [Tue Aug 6 08:34:56 2013] -e: Constant subroutine > ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_guest_2dselfregistration_2ecgi::USHRT_MAX > redefined at /usr/lib64/perl5/ModPerl/Util.pm line 69. > [Tue Aug 6 08:34:56 2013] -e: Constant subroutine > ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_guest_2dselfregistration_2ecgi::SIG_IGN > redefined at /usr/lib64/perl5/ModPerl/Util.pm line 69. > [Tue Aug 6 08:34:56 2013] -e: Constant subroutine > ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_guest_2dselfregistration_2ecgi::SEEK_SET > redefined at /usr/lib64/perl5/ModPerl/Util.pm line 69. > > Those last 5 lines are just the first of probably 50 or more similar messages > about ModPer/Util.pm line 69. Not sure if these are related or not to the > hash issue or not. > > Any help on this would be appreciated. > > Thanks! > > Don -- [email protected] :: +1.514.755.3640 :: http://www.inverse.ca Inverse :: Leaders behind SOGo (http://sogo.nu) and PacketFence (http://packetfence.org) ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite! It's a free troubleshooting tool designed for production. Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite! It's a free troubleshooting tool designed for production. Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
