I hope I didn't come off as critical or bashing in my initial post. I agree that PacketFence is wonderful and worth every effort to support as well as implement. I have had tremendous success with it.
I am finding it a bit difficult to separate out the configuration of the web interface and user permissions/authentication that are specific to administrating PacketFence from the same topics for end-user registration. We currently implement PacketFence v2 and we intentionally don't operate it with end-users registering devices. We have IS staff log in to the Web admin UI and register devices. We are changing this setup a bit as well as implementing the snort and openvas integrations. We will need to have a LDAP authentication for the Web-based administration that looks at a specific MemberOf association, and the end-user registration would not need the MemberOf association. Regarding the rules creation in the user sources, there were no entries in the log at all. The rule shows up after creating it, but if I hit save, go back to user sources the rule is gone. I was intending to use the rules in the user source area for assigning privileges to users who need to access the management interface of PF, which may not be the right place to do that. In PF v2, I had to manage the user authentication and privilege system for the admin interface in a separate place than the registration portal. Is this still the case? I see the config files in in /usrlocal/pf/conf, but I am nervous about editing them because I don't know which will get overwritten by some part of the PF UI. Also, if I edit the /usr/local/pf/conf/iptables.conf to add some rules, what is the best way to commit the changes. Doing a "service iptables restart (or reload)" would load the rules in /etc/sysconfig/iptables. I could edit the centos-boxed init script to point to /usr/local/pf/conf/iptables.conf, but I wanted to see what the best way to do it was first. The authentication order in the conf file did not have LDAP first. I reorder it, but the web interface had it listed first. And is editing the file directly the thing to do? Nick ------------------------------------------------------------------------------ Introducing Performance Central, a new site from SourceForge and AppDynamics. Performance Central is your source for news, insights, analysis and resources for efficient Application Performance Management. Visit us today! http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
