Hello William,
what packetfence version are you running ?
I will make a patch that apply on your version.
Regards
Fabrice
Le 19-02-14 à 12 h 03, William Blake MacIsaac via PacketFence-users a
écrit :
Hello Fabrice,
Thank you very much for the response.
This is the error i get when i attempt to run that command;
[root@PacketFence pf]# curl
https://patch-diff.githubusercontent.com/raw/inverse-inc/packetfence/pull/3967.diff|
patch -p1
% Total % Received % Xferd Average Speed Time Time Time
Current
Dload Upload Total Spent Left
Speed
100 5708 0 5708 0 0 7087 0 --:--:-- --:--:--
--:--:-- 7081
patching file conf/profiles.conf.defaults
Hunk #1 FAILED at 32.
1 out of 1 hunk FAILED -- saving rejects to file
conf/profiles.conf.defaults.rej
can't find file to patch at input line 14
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------
|diff --git
a/docs/api/spec/components/schemas/configconnectionprofile.yaml
b/docs/api/spec/components/schemas/configconnectionprofile.yaml
|index 7dbe71a1134..48aae9bcc1c 100644
|--- a/docs/api/spec/components/schemas/configconnectionprofile.yaml
|+++ b/docs/api/spec/components/schemas/configconnectionprofile.yaml
--------------------------
File to patch:
On Wed, Feb 13, 2019 at 6:28 PM Durand fabrice via PacketFence-users
<[email protected]
<mailto:[email protected]>> wrote:
Hello William,
can you try that:
https://patch-diff.githubusercontent.com/raw/inverse-inc/packetfence/pull/3967.diff
cd /usr/local/pf
curl
https://patch-diff.githubusercontent.com/raw/inverse-inc/packetfence/pull/3967.diff|
<https://patch-diff.githubusercontent.com/raw/inverse-inc/packetfence/pull/3967.diff%7C>
patch -p1 --dry-run
if there is no error
curl
https://patch-diff.githubusercontent.com/raw/inverse-inc/packetfence/pull/3967.diff|
<https://patch-diff.githubusercontent.com/raw/inverse-inc/packetfence/pull/3967.diff%7C>
patch -p1
restart packetfence and in the connection profile 802.1X-Profile
and check: dot1x_unset_on_unmatch
And retry.
let me know if it help
Regards
Fabrice
Le 19-02-13 à 17 h 43, William Blake MacIsaac via
PacketFence-users a écrit :
I'm hoping someone can help me. I'm trying to setup
802.1x-Wireless to allow users to connect to a SSID utilizing
domain credentials. The problem is, when users connect and enter
there username and password, they are not being tested against
the Authentication sources i have setup, they are just being
allowed to connect, regardless if they are part of the group or
not. I can even delete the whole authentication source and they
are still being authenticated.. what the hell? :(, please help
image.png
:19:39 PacketFence packetfence_httpd.aaa: httpd.aaa(8345) INFO:
[mac:8c:f5:a3:a2:d4:18] handling radius autz request: from
switch_ip => (10.100.2.254), connection_type =>
Wireless-802.11-EAP,switch_mac => (00:15:5d:01:3d:00), mac =>
[8c:f5:a3:a2:d4:18], port => 12290, username => "bmacisaaca",
ssid => YC-IT (pf::radius::authorize)
Feb 13 14:19:39 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] Instantiate profile
802.1X-Profile (pf::Connection::ProfileFactory::_from_profile)
Feb 13 14:19:39 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] Found
authentication source(s) : 'local,8021X-Wireless' for realm
'null' (pf::config::util::filter_authentication_sources)
Feb 13 14:19:39 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) WARN: [mac:8c:f5:a3:a2:d4:18] Calling match with
empty/invalid rule class. Defaulting to 'authentication'
(pf::authentication::match2)
Feb 13 14:19:39 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] Using sources
local, 8021X-Wireless for matching (pf::authentication::match2)
Feb 13 14:19:39 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] LDAP testing
connection (pf::LDAP::expire_if)
Feb 13 14:19:39 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] Role has already
been computed and we don't want to recompute it. Getting role
from node_info (pf::role::getRegisteredRole)
Feb 13 14:19:39 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] Username was
defined "bmacisaaca" - returning role 'YC-IT-WIFI'
(pf::role::getRegisteredRole)
Feb 13 14:19:39 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] PID: "bmacisaaca",
Status: reg Returned VLAN: (undefined), Role: YC-IT-WIFI
(pf::role::fetchRoleForNode)
Feb 13 14:19:39 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) WARN: [mac:8c:f5:a3:a2:d4:18] No parameter
YC-IT-WIFIVlan found in conf/switches.conf for the switch
10.100.2.254 (pf::Switch::getVlanByName)
Feb 13 14:19:39 PacketFence pfqueue: pfqueue(33849) INFO:
[mac:unknown] undefined source id provided
(pf::lookup::person::lookup_person)
Feb 13 14:19:39 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] violation 1300003
force-closed for 8c:f5:a3:a2:d4:18
(pf::violation::violation_force_close)
Feb 13 14:19:39 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] Instantiate profile
802.1X-Profile (pf::Connection::ProfileFactory::_from_profile)
Feb 13 14:21:15 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] handling radius
autz request: from switch_ip => (10.100.2.254), connection_type
=> Wireless-802.11-EAP,switch_mac => (00:15:5d:01:3d:00), mac =>
[8c:f5:a3:a2:d4:18], port => 12290, username => "bmacisaaca",
ssid => YC-IT (pf::radius::authorize)
Feb 13 14:21:15 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] Instantiate profile
802.1X-Profile (pf::Connection::ProfileFactory::_from_profile)
Feb 13 14:21:15 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] Found
authentication source(s) : 'local' for realm 'null'
(pf::config::util::filter_authentication_sources)
Feb 13 14:21:15 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) WARN: [mac:8c:f5:a3:a2:d4:18] Calling match with
empty/invalid rule class. Defaulting to 'authentication'
(pf::authentication::match2)
Feb 13 14:21:15 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] Using sources local
for matching (pf::authentication::match2)
Feb 13 14:21:15 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] Role has already
been computed and we don't want to recompute it. Getting role
from node_info (pf::role::getRegisteredRole)
Feb 13 14:21:15 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] Username was
defined "bmacisaaca" - returning role 'YC-IT-WIFI'
(pf::role::getRegisteredRole)
Feb 13 14:21:15 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] PID: "bmacisaaca",
Status: reg Returned VLAN: (undefined), Role: YC-IT-WIFI
(pf::role::fetchRoleForNode)
Feb 13 14:21:15 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) WARN: [mac:8c:f5:a3:a2:d4:18] No parameter
YC-IT-WIFIVlan found in conf/switches.conf for the switch
10.100.2.254 (pf::Switch::getVlanByName)
Feb 13 14:21:15 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] violation 1300003
force-closed for 8c:f5:a3:a2:d4:18
(pf::violation::violation_force_close)
Feb 13 14:21:15 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] Instantiate profile
802.1X-Profile (pf::Connection::ProfileFactory::_from_profile)
Feb 13 14:21:15 PacketFence pfqueue: pfqueue(32627) INFO:
[mac:unknown] undefined source id provided
(pf::lookup::person::lookup_person)
^C
[root@PacketFence logs]# tail -f packetfence.log
Feb 13 14:28:49 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] Found
authentication source(s) : 'local' for realm 'null'
(pf::config::util::filter_authentication_sources)
Feb 13 14:28:49 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) WARN: [mac:8c:f5:a3:a2:d4:18] Calling match with
empty/invalid rule class. Defaulting to 'authentication'
(pf::authentication::match2)
Feb 13 14:28:49 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] Using sources local
for matching (pf::authentication::match2)
Feb 13 14:28:49 PacketFence pfqueue: pfqueue(101125) INFO:
[mac:unknown] undefined source id provided
(pf::lookup::person::lookup_person)
Feb 13 14:28:49 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] Role has already
been computed and we don't want to recompute it. Getting role
from node_info (pf::role::getRegisteredRole)
Feb 13 14:28:49 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] Username was
defined "bmacisaaca" - returning role 'YC-IT-WIFI'
(pf::role::getRegisteredRole)
Feb 13 14:28:49 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] PID: "bmacisaaca",
Status: reg Returned VLAN: (undefined), Role: YC-IT-WIFI
(pf::role::fetchRoleForNode)
Feb 13 14:28:49 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) WARN: [mac:8c:f5:a3:a2:d4:18] No parameter
YC-IT-WIFIVlan found in conf/switches.conf for the switch
10.100.2.254 (pf::Switch::getVlanByName)
Feb 13 14:28:49 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] violation 1300003
force-closed for 8c:f5:a3:a2:d4:18
(pf::violation::violation_force_close)
Feb 13 14:28:49 PacketFence packetfence_httpd.aaa:
httpd.aaa(8345) INFO: [mac:8c:f5:a3:a2:d4:18] Instantiate profile
802.1X-Profile (pf::Connection::ProfileFactory::_from_profile)
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
