One more stupid question from me, Fabrice, regarding the same subject J
How is the role assigned to the user session?
I dont see it in the debugs output but I see it in the results of the
pftest like I showed it before
Am I supposed to see it the RADIUS reply message or somewhere in the debug
outputs ?
Still trying to implement the limitation of devices that the staff user is
supposed to connect.
And finally, when will the node become registered ? As far as I understand
it doesnt have anything to do with a user that owns it and successfully
authenticates using dot1x supplicant?
Just wondering if we can have hosts/nodes registered after VLAN assignment
to dot1x session ?
Eugene
From: Durand fabrice [mailto:[email protected]]
Sent: Friday, January 19, 2018 6:05 PM
To: E.P.; [email protected]
Subject: Re: [PacketFence-users] Number of devices to connect to the network
In your AD authentication source, create a rule that match a staff group and
assign the staff role and an access duration. (memberof equal
cn=staff,dc=...)
Regards
Fabrice
Le 2018-01-17 à 01:07, E.P. a écrit :
Great!
That confirms my train of thought. But it is still not clear to me how will
it affect the user that authenticates against AD.
Yes, I have created a new role, called staff and yes, I have set a limit
of 2 devices for this role.
Then, the end-user just connects to SSID, authenticates and gets on the
network. How would I assign the user to the staff role?
Is this where provisioners come to help ?
Eugene
From: Fabrice Durand via PacketFence-users
[mailto:[email protected]]
Sent: Tuesday, January 16, 2018 6:42 AM
To: [email protected]
Cc: Fabrice Durand
Subject: Re: [PacketFence-users] Number of devices to connect to the network
Hello Eugene,
this is exactly where you have to control that.
So just set a limit on the roles where you want to limit the number of
devices per users.
Regards
Fabrice
Le 2018-01-16 à 02:01, E.P. via PacketFence-users a écrit :
It sounds close to the number of devices/nodes a user can register which is
configurable under Configuration-Policies and access control-Roles, but we
dont allow this luxury to anyone yet. Just regular network admission
control based on the active AD account
From: E.P. [mailto:[email protected]]
Sent: Monday, January 15, 2018 10:54 PM
To: [email protected]
Subject: Number of devices to connect to the network
Guys,
We are still at the early phases of PF deployment and only now looking into
AD based authentication for wireless devices
Is there any way to limit the number of user devices that can be connected
by one user?
Lets say the user uses his/her laptop and roams around remote sites where
we provide WiFi with WPA2-Enterprise and we also allow him/her use the phone
(iPhone/Android). No more devices to connect
Eugene
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
