Hello all, Have mostly successfully made the transition to radius / Active Directory authentication. But I'm running into an issue with assigning the correct role to a system using the system based on different user attributes. I have include below the appropriate section from authentication.conf The issue is that only the last section is being triggered (GUEST) I was under the impression that rules were processed in order and stopped once a condition was met. Additionally if I completely remove the guest rule then all usernames report "You don not have permission to register a device with username." Any pointers on what I'm doing wrong?
Thanks, Paul [LCHS-DC00] description=Luther Active Directory password=*********** scope=sub [email protected] basedn=OU=LutherUsers,DC=luthercollege,DC=edu usernameattribute=sAMAccountName connection_timeout=5 stripped_user_name=yes encryption=none port=389 type=AD host=172.20.0.254 [LCHS-DC00 rule Paul.Taylor] description= match= action0=set_role=NetAdmin action1=set_unreg_date=2020-01-01 condition0=sAMAccountName,equals,paul.taylor [LCHS-DC00 rule EmployeeDevReg] description=Registration Account For Employee Devices match= action0=set_role=EmployeeRegistration action1=set_unreg_date=2020-07-01 condition0=sAMAccountName,equals,StaffRegistration [LCHS-DC00 rule Employee] description=Employee Personal Device Registration match= action0=set_role=Employee action1=set_access_duration=5D condition0=uid,is member of,AllStaff [LCHS-DC00 rule DayStudents] description=Non Residential Students match= action0=set_role=Day Student action1=set_access_duration=5D condition0=uid,is member of,DayStudents [LCHS-DC00 rule DormStudents] description=Residential Students match= action0=set_role=Dorm Student action1=set_unreg_date=2016-07-01 condition0=uid,is member of,ResStudents [LCHS-DC00 rule Guest] description=Guest Users match=all action0=set_access_duration=12h action1=set_role=guest Paul Taylor IT Support Luther College High School
------------------------------------------------------------------------------
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
