Hello John Doe,
it's probably because the mac is not sent to the source.
Can you try that:
diff --git a/lib/pf/role.pm b/lib/pf/role.pm
index dc260f5..cfbe3dd 100644
--- a/lib/pf/role.pm
+++ b/lib/pf/role.pm
@@ -46,6 +46,7 @@ use pf::person;
use pf::lookup::person;
use pf::util::statsd qw(called);
use pf::StatsD::Timer;
+use Hash::Merge qw (merge);
our $VERSION = 1.04;
@@ -443,6 +444,7 @@ sub getRegisteredRole {
rule_class => 'authentication',
radius_request => $args->{radius_request},
};
+ $params = merge($args, $params);
$role = &pf::authentication::match([@sources], $params,
$Actions::SET_ROLE, \$source);
my $unregdate = &pf::authentication::match([@sources],
$params, $Actions::SET_UNREG_DATE);
# create a person entry for pid if it doesn't exist
@@ -579,7 +581,7 @@ sub getNodeInfoForAutoReg {
stripped_user_name => $stripped_user,
radius_request => $args->{radius_request},
};
-
+ $params = merge($args, $params);
my $source;
# Don't override vlan filter role
if (!defined($role)) {
And let me know.
Regards
Fabrice
Le 2016-08-25 à 09:29, rsm1080 a écrit :
Hello,
I need to place a wireless device in a specific role based on the
device Mac Address(ex. 00:11:22:33:44:55) and
username(sAMAccountName=radiology). Currently, I'm able to
authenticate the device using a username but I can't get Packetfence
to recognize the Mac address and the device ends up using BYOD rule
rather than Radiology rule. I am using Vlan Filter to auto register
devices if that makes a difference. Does this configuration look correct?
[ad-user]
description=Active Directory user account
password=****************
scope=sub
binddn=CN=User1,OU=Users,DC=example,DC=net
basedn=DC=example,DC=net
email_attribute=mail
usernameattribute=sAMAccountName
connection_timeout=5
stripped_user_name=yes
encryption=none
dynamic_routing_module=AuthModule
port=389
type=AD
host=192.168.100.100
[ad-user rule Radiology]
description=Devices NOT able to use computer authentication
class=authentication
match=any
action0=set_role=Radiology
action1=set_access_duration=5D
condition0=sAMAccountName,equals,radiology
condition1=mac,equals,00:11:22:33:44:55
[ad-user rule BYOD]
description=Devices NOT maintained by IT get assigned to Guest role
class=authentication
match=any
action0=set_role=guest
action1=set_access_duration=1D
condition0=SSID,equals,Private SSID
------------------------------------------------------------------------------
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
