Good day all,
PF 4.1, upgraded from 4.0.6
CentOS 6.5
This is a refinement of my less that specific email from this morning – my
problem involves registration, and multiple AD sources.
I have several AD sources defined, all matching on 'memberof' filters with no
nested groups. When a client connects, the login works as expected - radius
reports "Login OK", access is not immediately denied, correct role is assigned,
device is flipped to correct vlan, and all is well
If the device is not registered, if the user registering is matched by the
first source in the list (whether assigned to a profile or not), all is well.
If the user would match a source after the first, it does not match, the user
is showed the error.html page with "Sorry You have reached maximum number of
devices…",
and the logs show:
Jan 16 13:30:45 register.cgi(0) WARN: No role specified or found for pid
pf.testtwo (MAC xx:xx:xx:xx:xx:xx); assume maximum number of registered nodes
is reached (pf::node::is_max_reg_nodes_reached)
I've changed the order of a couple of authentication sources and the situation
remains the same – first source is allowed to register, no others are.
I have used some custom.pm settings in the past, but removed them all in this
testing
Bug? Feature? My misunderstanding or mistake somewhere?
Thank you for your time,
Tim
------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
