Fabrice,
Thanks for the direction got it all figured out including the sAMAccountname issue. The big thing is that match had to be set to any. Although on my install of 5.3.1 this can't be set from the Web GUI. There appears to be broken html. What I see is If <select name="match" id="match" class="input-mini"> <option value="any" id="match.0" selected="selected">any</option> <option value="all" id="match.1">all</option></select> of the following conditions are met: I have included my working examples below in case anyone else runs up against this issue [LCHS-DC00 rule EmployeeDevReg] description=Registration Account For Employee Devices match=any action0=set_role=EmployeeRegistration action1=set_unreg_date=2020-07-01 condition0=sAMAccountName,equals,StaffRegistration [LCHS-DC00 rule Employee] description=Employee Personal Device Registration match=any action0=set_role=Employee action1=set_access_duration=5D condition0=memberOf,is member of,CN=AllStaff,OU=Groups,DC=luthercollege,DC=edu From: Durand fabrice [mailto:[email protected]] Sent: July 28, 2015 5:42 AM To: [email protected] Subject: Re: [PacketFence-users] Role Assignment rules issue Hello Paul, what you can do is to check a user with adsiedit.msc to see what are the attribut to match. I am not sure that uid is member of AllStaff works but something like memberof contain cn=AllStaff should be probably better. Also use pftest to test your rules. Regards Fabrice _______________________________________________ PacketFence-users mailing list [email protected] <mailto:[email protected]> https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
