On 1/17/14 10:47 AM, "Jason Frisvold" <[email protected]> wrote:
>Palmer, Tim wrote: >> I had several AD sources with a couple of rules each, all with the same >> LDAP parameters (especially the usernameattribute) except the group name >> being matched on. I changed to a single AD source per usernameattribute, >> with several rules. So I now have two AD sources one for user auth and >> one for machine auth and this is working better. Haven't confirmed it's >> working perfectly yet. > >For what it's worth, this is exactly what we do. Albeit, LDAP versus >AD, but similar enough. One source for Machine Auth, one for User Auth. > Works flawlessly thus far. > Makes perfect sense. I don't know what I was thinking - happy to get it working at all during the 4.0.x times, I think. I'm now having an issue with machine auth and my auto registration - if you don't mind my asking, what username attribute are you matching on for Windows machine auth? servicePrincipalName or sAMAccountName or ?? Thanks, tim ------------------------------------------------------------------------------ CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
