Re: [PacketFence-users] RADIUS NPS Server as authentication source

Fri, 26 Oct 2018 04:49:15 -0700 

Hi Murilo,
an account with read access is enough, the account is only use to do some search. 


When you authenticate then PacketFence will bind with the username and 
password of the user.


Regards

Fabrice


Le 18-10-26 à 07 h 11, Murilo Calegari a écrit :

Hi Fabrice,


Using LDAP apparently requires a domain admin account, which we don't 
have, and probably won't get, permanent access.Atenciosamente,


Regards,

        Murilo Calegari de Souza
Estagiário da TI
Coordenadoria de Tecnologia da Informação
Instituto Federal do Espírito Santo – Campus Nova Venécia
27 3752 4311 ramal 43112





Em qui, 25 de out de 2018 às 22:20, Durand fabrice <fdur...@inverse.ca 
<mailto:fdur...@inverse.ca>> escreveu:


    Hello Murilo,

    why don't you use ldaps instead ?

    Regards

    Fabrice


    Le 18-10-24 à 07 h 25, Murilo Calegari a écrit :

    Hi, everyone,

    Be aware of the dummy! The default_login_policy didn't have my
    Radius Source as Source (duh), so PacketFence wasn't forwarding
    credentials to my NPS. Later I had to active PAP as
    authentication type in NPS server.
    I'm aware that PAP is a VERY weak protocol to transmit
    credentials over some public network, can't PacketFence deal with
    some more robust, encrypted, authentication method?

    Hope you can answer me.

    Best Regards,

        Murilo Calegari de Souza
    Estagiário da TI
    Coordenadoria de Tecnologia da Informação
    Instituto Federal do Espírito Santo – Campus Nova Venécia
    27 3752 4311 ramal 43112


    Em qua, 24 de out de 2018 às 08:12, Murilo Calegari
    <murilo.calegari.so...@gmail.com
    <mailto:murilo.calegari.so...@gmail.com>> escreveu:

        Hi, Fabrice,

        On the NPS Server, the network politics for PacketFence are
        now configure so it accepts PEAP, EAP-MSCHAP v2 and it also
        has CHAP checkbox activated, but login still won't work.

        Today our NPS server provides authentication for WPAEnteprise
        Wi-Fis, I've got it configure in the UniFi controller and
        also some regular routers around the school.

        Regards,


                Murilo Calegari de Souza
        Estagiário da TI
        Coordenadoria de Tecnologia da Informação
        Instituto Federal do Espírito Santo – Campus Nova Venécia
        27 3752 4311 ramal 43112


        Em ter, 23 de out de 2018 às 18:40, Durand fabrice via
        PacketFence-users <packetfence-users@lists.sourceforge.net
        <mailto:packetfence-users@lists.sourceforge.net>> escreveu:

            Hello Murilo,

            does your NPS server is configured to do chap ?

            When you say the NPS provides RADIUS Authentication, what
            kind of authentication ?

            Regards

            Fabrice


            Le 18-10-23 à 11 h 02, Murilo Calegari via
            PacketFence-users a écrit :

            Hi,

            We have in our school a NPS server that provides RADIUS
            authentication. It works fine in other systems, but when
            adding it in PacketFence it doesn't work as
            authentication source.

            On the NPS server,I have already created PacketFence
            server as client and added its own rule. On PacketFence
            side, I created a new RADIUS Internal Source and
            associated the realms default, local and null — which
            are not pointing to any AD Domain. I wasn't able to find
            a portal module to RADIUS (I'm now assuming it is
            "login"); on login module, after inserting credentials
            (without the @ part) "Invalid login or password" is
            thrown and packetfence.log registers the following:

            Oct 23 11:58:58 prometeu packetfence_httpd.portal:
            httpd.portal(43305) INFO: [mac:00:11:22:33:44:55] Found
            authentication source(s) : 'local' for realm 'null'
            (pf::config::util::filter_authentication_sources)
            Oct 23 11:58:58 prometeu packetfence_httpd.portal:
            httpd.portal(43305) INFO: [mac:00:11:22:33:44:55]
            Authenticating user using sources : local
            
(captiveportal::PacketFence::DynamicRouting::Module::Authentication::Login::authenticate)

            Maybe realm null is not properly pointing to the RADIUS
            source.

            Hope someone can help me!

            Best regards,


                Murilo Calegari de Souza
            Estagiário da TI
            Coordenadoria de Tecnologia da Informação
            Instituto Federal do Espírito Santo – Campus Nova Venécia
            27 3752 4311 ramal 43112




            _______________________________________________
            PacketFence-users mailing list
            PacketFence-users@lists.sourceforge.net  
<mailto:PacketFence-users@lists.sourceforge.net>
            https://lists.sourceforge.net/lists/listinfo/packetfence-users

            _______________________________________________
            PacketFence-users mailing list
            PacketFence-users@lists.sourceforge.net
            <mailto:PacketFence-users@lists.sourceforge.net>
            https://lists.sourceforge.net/lists/listinfo/packetfence-users


_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users






















					Reply via email to