Fabrice, I'm not following what you are requesting. I don't have an a or b directory under /usr/local/pf/ to do a diff on. Sorry if this is something simple that I'm overlooking.
Thanks, rsm ---- On Thu, 25 Aug 2016 16:41:30 -0700 Durand fabrice <[email protected]> wrote ---- Hello John Doe, it's probably because the mac is not sent to the source. Can you try that: diff --git a/lib/pf/role.pm b/lib/pf/role.pm index dc260f5..cfbe3dd 100644 --- a/lib/pf/role.pm +++ b/lib/pf/role.pm @@ -46,6 +46,7 @@ use pf::person; use pf::lookup::person; use pf::util::statsd qw(called); use pf::StatsD::Timer; +use Hash::Merge qw (merge); our $VERSION = 1.04; @@ -443,6 +444,7 @@ sub getRegisteredRole { rule_class => 'authentication', radius_request => $args->{radius_request}, }; + $params = merge($args, $params); $role = &pf::authentication::match([@sources], $params, $Actions::SET_ROLE, \$source); my $unregdate = &pf::authentication::match([@sources], $params, $Actions::SET_UNREG_DATE); # create a person entry for pid if it doesn't exist @@ -579,7 +581,7 @@ sub getNodeInfoForAutoReg { stripped_user_name => $stripped_user, radius_request => $args->{radius_request}, }; - + $params = merge($args, $params); my $source; # Don't override vlan filter role if (!defined($role)) { And let me know. Regards Fabrice Le 2016-08-25 à 09:29, rsm1080 a écrit : Hello, I need to place a wireless device in a specific role based on the device Mac Address(ex. 00:11:22:33:44:55) and username(sAMAccountName=radiology). Currently, I'm able to authenticate the device using a username but I can't get Packetfence to recognize the Mac address and the device ends up using BYOD rule rather than Radiology rule. I am using Vlan Filter to auto register devices if that makes a difference. Does this configuration look correct? [ad-user] description=Active Directory user account password=**************** scope=sub binddn=CN=User1,OU=Users,DC=example,DC=net basedn=DC=example,DC=net email_attribute=mail usernameattribute=sAMAccountName connection_timeout=5 stripped_user_name=yes encryption=none dynamic_routing_module=AuthModule port=389 type=AD host=192.168.100.100 [ad-user rule Radiology] description=Devices NOT able to use computer authentication class=authentication match=any action0=set_role=Radiology action1=set_access_duration=5D condition0=sAMAccountName,equals,radiology condition1=mac,equals,00:11:22:33:44:55 [ad-user rule BYOD] description=Devices NOT maintained by IT get assigned to Guest role class=authentication match=any action0=set_role=guest action1=set_access_duration=1D condition0=SSID,equals,Private SSID ------------------------------------------------------------------------------ _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
