[PacketFence-users] Active directory source rule not working

[Alberto Losada]

Hi all,

In packetfence version 6.0.1 ZEN + updates to 6.0.3 we were trying to
administer the admin portal using our Active Directory users.

I've been able to login when the condition is SamAccountName equals to,
but no when using an AD group through memberof or membership:

[ADCORP]
description=Scytl domain users
password=xxxx
scope=sub
binddn=cn=xxx,ou=Service Accounts,DC=xxx,DC=net
basedn=OU=xxx,DC=xxxx,DC=net
email_attribute=mail
usernameattribute=sAMAccountName
connection_timeout=5
stripped_user_name=yes
encryption=ssl
dynamic_routing_module=AuthModule
port=636
type=AD
host=192.168.0.105

[ADCORP rule WEB_ADMIN]
description=Web Full Admin IT
class=administration
match=all
action0=set_access_level=ALL
condition0=memberOf,contains,GL_ACC_Server_Admins

In this case I see an " *Error!* Wrong username or password.", however I
can see auth successfull in terminal:

Jun 07 13:26:06 httpd.admin(2668) INFO: Authentication successful for
'alosada' in source SCYTL (AD) (pf::authentication::authenticate)
Jun 07 13:26:06 httpd.admin(2668) INFO: Using sources ADCORP for matching
(pf::authentication::match)
Jun 07 13:26:06 httpd.admin(2668) INFO: Using sources ADCORP for matching
(pf::authentication::match)

Profile.conf was left as by default:

[default]
description=Default Profile
logo=/common/packetfence-white.png
redirecturl=http://www.packetfence.org/
always_use_redirecturl=disabled
locale=en_US
nbregpages=0
filter_match_style=any
block_interval=10m
sms_pin_retry_limit=0
sms_request_limit=0
login_attempt_limit=0
root_module=default_policy
billing_tiers=
dot1x_recompute_role_from_portal=enabled
preregistration=disabled
scans=
reuse_dot1x_credentials=0
sources=
provisioners=


Am I missing something??

Thanks in advance,

------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users