Hello rsm,
ok so save the patch in a file, role.patch then in /usr/local/pf do:
patch -p1 < role.patch
then restart packetfence.
Regards
Fabrice
Le 2016-08-29 à 10:20, rsm1080 a écrit :
Fabrice,
I'm not following what you are requesting. I don't have an a or b
directory under /usr/local/pf/ to do a diff on. Sorry if this is
something simple that I'm overlooking.
Thanks,
rsm
---- On Thu, 25 Aug 2016 16:41:30 -0700 *Durand fabrice
<[email protected]>* wrote ----
Hello John Doe,
it's probably because the mac is not sent to the source.
Can you try that:
diff --git a/lib/pf/role.pm b/lib/pf/role.pm
index dc260f5..cfbe3dd 100644
--- a/lib/pf/role.pm
+++ b/lib/pf/role.pm
@@ -46,6 +46,7 @@ use pf::person;
use pf::lookup::person;
use pf::util::statsd qw(called);
use pf::StatsD::Timer;
+use Hash::Merge qw (merge);
our $VERSION = 1.04;
@@ -443,6 +444,7 @@ sub getRegisteredRole {
rule_class => 'authentication',
radius_request => $args->{radius_request},
};
+ $params = merge($args, $params);
$role = &pf::authentication::match([@sources],
$params, $Actions::SET_ROLE, \$source);
my $unregdate =
&pf::authentication::match([@sources], $params,
$Actions::SET_UNREG_DATE);
# create a person entry for pid if it doesn't exist
@@ -579,7 +581,7 @@ sub getNodeInfoForAutoReg {
stripped_user_name => $stripped_user,
radius_request => $args->{radius_request},
};
-
+ $params = merge($args, $params);
my $source;
# Don't override vlan filter role
if (!defined($role)) {
And let me know.
Regards
Fabrice
Le 2016-08-25 à 09:29, rsm1080 a écrit :
Hello,
I need to place a wireless device in a specific role based on
the device Mac Address(ex. 00:11:22:33:44:55) and
username(sAMAccountName=radiology). Currently, I'm able to
authenticate the device using a username but I can't get
Packetfence to recognize the Mac address and the device ends
up using BYOD rule rather than Radiology rule. I am using Vlan
Filter to auto register devices if that makes a difference.
Does this configuration look correct?
[ad-user]
description=Active Directory user account
password=****************
scope=sub
binddn=CN=User1,OU=Users,DC=example,DC=net
basedn=DC=example,DC=net
email_attribute=mail
usernameattribute=sAMAccountName
connection_timeout=5
stripped_user_name=yes
encryption=none
dynamic_routing_module=AuthModule
port=389
type=AD
host=192.168.100.100
[ad-user rule Radiology]
description=Devices NOT able to use computer authentication
class=authentication
match=any
action0=set_role=Radiology
action1=set_access_duration=5D
condition0=sAMAccountName,equals,radiology
condition1=mac,equals,00:11:22:33:44:55
[ad-user rule BYOD]
description=Devices NOT maintained by IT get assigned to Guest
role
class=authentication
match=any
action0=set_role=guest
action1=set_access_duration=1D
condition0=SSID,equals,Private SSID
------------------------------------------------------------------------------
_______________________________________________ PacketFence-users
mailing [email protected]
<mailto:[email protected]> https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Fabrice Durand
[email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
