Personally. I think this is where pf needs to normalize usernames based on authentication source. I fixed it internally to make it work for our needs (local ad users are always recorded as their samaccountname wether they auth with realm\user, user@realm, or [email protected]. Guest or eduroam users are recorded with full user@realm. )
A good enhancement would be to specify mappings to how you want it stored in the DB. My .02 :) Sent from my iPhone > On Aug 19, 2015, at 9:59 AM, Dennis Schulmeyer <[email protected]> > wrote: > > Hi everybody, > > In my „Users“ list i see a double entry for a user after registering vi the > web portal. > We have our AD users source and no local created users. > After 802.1x the PF fetches the users information from our AD and I can see > the user -> DOMAIN\\firstname.lastname and the PCs hostname -> > host/hostname.domain.com > PF finds the correct rules and put the users in the correct VLAN.. So > everything is fine .. > > But when a user logs on via web portal, PF will fetch the username from AD > and stores it with -> firstname.lastname only! > > So one problem is that we have lots of double users entries… and the AD unreg > script will unreg the firstname.lastname user only.. > > Maybe there is still a problem with our realm stripping?! > > Any hints? > > Thank you in advance! > > Kind regards, > Dennis > > > ------------------------------------------------------------------------------ > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
