I understand your idea but I am not sure I can use it that way. More
clearly I want all mobile-users to hit the portal and to be redirected
in the correct vlan by packetfence:
1/ mobile user from ens-cachan: LDAP authentication and dynamic vlan
attribution (to use the isMemberOf parameter)
2/ mobile user from another campus: RADIUS authentication and default
vlan (guest), or local authentication or sponsoring
I won't need this whith Packetfence 4.4 coming soon but I'd like to make
it work that way for the moment.
Thanks for your answer.
Regards,
Sabrina
Le 09/09/2014 14:28, Fabrice DURAND a écrit :
Hi Sabrina,
maybe you can take a different approach, like you want to autoregister
your local domain account and force the other to hit the portal and
register on the eduroam radius server.
Is it something that you want ?
if yes, something like in vlan filter file:
[local_user]
filter = username
operator = match
value = ^.*\@ens-cachan.fr
[1:local_user]
scope = AutoRegister
role = default
Regards
Fabrice
Le 2014-09-09 05:52, Sabrina Louison-françois a écrit :
Hi all,
I am sorry if this is a stupid simple question but I don't know where
to look for the answer.
I want my packetfence to authenticate users with my radius server
only if they are not from my domain. It means that their usernames
will contain "@" and will not contain "@ens-cachan.fr".
How must I declare the rule. I use this in packtfence 3.6 by
modifiying radius.pm file with those verifications:
(($username =~ /^.*\@.+/) && ($username !~ /^.*\@ens-cachan.fr/))
How do I translate this on the web interfaces with Packetfence 4.3,
here is what I tried:
[RAD1 rule invites]
description=Authentifications des externes: eduroam
match=all
action0=set_role=invites
action1=set_access_duration=3D
condition0=username,matches regexp,/^.*\@.+/x
But It doesn't work. There is a radius authentication attempt
whatever the username.
Thanks for your help.
Sabrina Louison-François
Ingénieure Réseaux et Télécoms
Direction des Systèmes d'Information
École normale supérieure de Cachan
61, avenue du Président Wilson
94235 Cachan cedex
tél : 01 47 40 74 24
------------------------------------------------------------------------------
Want excitement?
Manually upgrade your production database.
When you want reliability, choose Perforce.
Perforce version control. Predictably reliable.
http://pubads.g.doubleclick.net/gampad/clk?id=157508191&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Fabrice Durand
[email protected] :: +1.514.447.4918 (x135) ::www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
Want excitement?
Manually upgrade your production database.
When you want reliability, choose Perforce.
Perforce version control. Predictably reliable.
http://pubads.g.doubleclick.net/gampad/clk?id=157508191&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Want excitement?
Manually upgrade your production database.
When you want reliability, choose Perforce.
Perforce version control. Predictably reliable.
http://pubads.g.doubleclick.net/gampad/clk?id=157508191&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
