Re: [PacketFence-users] RADIUS auth via AD issues

Mon, 22 Jun 2015 13:50:46 -0700 

On Jun 22, 2015, at 16:30 , Rhoads, Robert W. <[email protected]> wrote:

> I have a RADIUS authentication source with rules to place users in the 
> default Role and set the unregistration date.   RADIUS is set to use AD (as 
> referenced in the Admin guide).  Per your previous advice in a different 
> question, the default vlan on the switches is set to appropriate VLAN for 
> that site.
>  
> As to autoregistration, I uncommented the autoregistration code in custom.pm 
> located under vlan/ under lib.

While that may work, what you probably want is an AD type source which will 
allow you to create rules based on things such as group membership and LDAP 
attributes. 

Remember that those sources are for authorization, since authentication has 
already succeeded in the initial RADIUS request by the time they are queried.

Check to see if the devices are actually getting registered.
Does their status change to registered in the GUI? 

Then check in the logs for the matching MAC to see if they were assigned the 
right VLAN. 

As I said you probably really want an AD type source. 
RADIUS is rather limited in comparison and forces you to run a RADIUS server on 
the AD rather than use LDAP which should be enabled by default.

If you still have trouble getting this to work, post your authentication.conf 
file as well as juicy bits of logs (packetfence.log) and I’ll try to help you.

Regards,
--
Louis Munro
[email protected]  ::  www.inverse.ca 
+1.514.447.4918 x125  :: +1 (866) 353-6153 x125
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
(www.packetfence.org)
------------------------------------------------------------------------------
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors 
network devices and physical & virtual servers, alerts via email & sms 
for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to