Hi Fabrice,
That is great I will start writing the code and test, and I will let you
know how the things going.
Thanks for quick reply.
Regards,
On Sat, Jan 11, 2014 at 1:17 PM, Fabrice DURAND <[email protected]> wrote:
> Hello Juan,
> 1: yes it´s possible.
> 2: From freeradius you can search a specific attribute and update the
> request. Packetfence will receive this new attribute in radius.pm (better
> to write your custom function in radius/custom.pm) and make test that
> will assign a category to your node.
> After in vlan.pm (vlan/custom.pm) you can return a customVlan based on
> the node´s category.
>
> One thing you have to know to not waste your time, if you try to make a
> ldap query that try to assign memberof to a radius attribute, then forget.
> The other option is to use a perl script (Net::LDAP) that search in ldap
> and assign the category in radius.pm then vlan.pm ...
>
> 3: Take example of code in /usr/local/pf/conf/authentication/ldap.pm to
> make your ldap search. A thing to know is that the custom.pm file has
> been made to write your custom code, so per example copy the function you
> need to modify from radius.pm and paste it in radius/custom.pm.
>
>
> Regards
> Fabrice
>
> Le 2014-01-10 16:48, Juan Camilo Valencia a écrit :
>
> Hi Guys,
>
> This will be a little bit long e-mail but is necessary to in order to
> don't lose the detail and acquire what I need to.
>
> We have PF 3.3.2 installed in our production environment (We know is a
> really old version but right now upgrade is not a solution). The server is
> joined to the Active Directory and is used to authenticate part of the
> users, the other part use MOTP-AS. All this is achieved through RADIUS
> configuration.
>
> Recently We have the requirement to put in a different VLAN the
> providers which are the users that authenticate against a MOTP-AS, we can
> create a category to assign that VLAN, however there are some providers
> that authenticate against AD and those We can't distinguish from employees
> to assign the category dynamically (Manually is almost impossible, input
> and output is constantly) . The only Idea that have been read is using
> Free-Radius and some LDAP queries to assign a particular VLAN based on AD
> Group, I don't have the how to right now but i will continue searching. My
> questions are.
>
> 1. Is possible to do this with packetfence at this time?
> 2. Exist guidelines about to achieve this feature? for example assign a
> category to a user, and consequently a particular VLAN, based on
> LDAP-queries from Free-Radius and Packetfence?.
> 3. This feature depends only to Free-Radius or exist code in Packetfence
> to adapt to this feature? The idea is try to adapt part of the code to the
> PF version that We have.
>
> I appreciated your opinions and help about this topics.
>
> Best Regards from Colombia
>
> --
> JUAN CAMILO VALENCIA VARGAS
> Ingeniero de Operaciones
> SeguraTec S.A.S
> Calle 11 # 43B-50 of 307
> Medelllín Colombia
>
> *“Choose a job you love, and you will never have to work a day in your
> life”*
>
>
> ------------------------------------------------------------------------------
> CenturyLink Cloud: The Leader in Enterprise Cloud Services.
> Learn Why More Businesses Are Choosing CenturyLink Cloud For
> Critical Workloads, Development Environments & Everything In Between.
> Get a Quote or Start a Free Trial Today.
> http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
>
>
>
> _______________________________________________
> PacketFence-users mailing
> [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
>
> --
> Fabrice [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca
> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
> (http://packetfence.org)
>
>
>
> ------------------------------------------------------------------------------
> CenturyLink Cloud: The Leader in Enterprise Cloud Services.
> Learn Why More Businesses Are Choosing CenturyLink Cloud For
> Critical Workloads, Development Environments & Everything In Between.
> Get a Quote or Start a Free Trial Today.
>
> http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
--
JUAN CAMILO VALENCIA VARGAS
Ingeniero de Operaciones
SeguraTec S.A.S
Calle 11 # 43B-50 of 307
Medelllín Colombia
*“Choose a job you love, and you will never have to work a day in your
life”*
------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
