For machine auth use servicePrincipalName. Also new in packetfence 4.1, even if you are using autoregistration you can create a portal profile that filter on your secure SSID. So packetfence will try all the sources you defined in this profile. If there is no portal profiles that match then packetfence will use all the authentication sources defined in sources.
Fabrice Le 2014-01-17 10:58, Palmer, Tim a écrit : > > On 1/17/14 10:47 AM, "Jason Frisvold" <[email protected]> wrote: > >> Palmer, Tim wrote: >>> I had several AD sources with a couple of rules each, all with the same >>> LDAP parameters (especially the usernameattribute) except the group name >>> being matched on. I changed to a single AD source per usernameattribute, >>> with several rules. So I now have two AD sources one for user auth and >>> one for machine auth and this is working better. Haven't confirmed it's >>> working perfectly yet. >> For what it's worth, this is exactly what we do. Albeit, LDAP versus >> AD, but similar enough. One source for Machine Auth, one for User Auth. >> Works flawlessly thus far. >> > > Makes perfect sense. I don't know what I was thinking - happy to get it > working at all during the 4.0.x times, I think. > I'm now having an issue with machine auth and my auto registration - if > you don't mind my asking, what username attribute are you matching on for > Windows machine auth? servicePrincipalName or sAMAccountName or ?? > > Thanks, > > tim > > > ------------------------------------------------------------------------------ > CenturyLink Cloud: The Leader in Enterprise Cloud Services. > Learn Why More Businesses Are Choosing CenturyLink Cloud For > Critical Workloads, Development Environments & Everything In Between. > Get a Quote or Start a Free Trial Today. > http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Fabrice Durand [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) ------------------------------------------------------------------------------ CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
