The rules appear to match as that's where I get the VLAN from. The access duration is also set.
This is my authentication.conf for the source I'm using: [ASDUser] description=ASDUser usernameattribute=sAMAccountName encryption=none type=AD password= host=10.16.2.2 basedn=DC=asd,DC=local dynamic_routing_module=AuthModule scope=sub connection_timeout=5 binddn=CN=Packetfence IT,OU=Non User Accounts,OU=Users,DC=asd,DC=local stripped_user_name=yes port=389 email_attribute=mail [ASDUser rule Scanners] description=Scanners class=authentication match=any action0=set_role=Scanners action1=set_access_duration=1D condition0=distinguishedName,matches regexp,Scanners,OU=Users,DC=asd,DC=local [ASDUser rule StaffGuest] description=StaffGuest class=authentication match=any action0=set_role=guest action1=set_access_duration=12h condition0=distinguishedName,matches regexp,OU=Users,DC=asd,DC=local Profiles.conf: [802.1x] filter=connection_type:Wireless-802.11-EAP,connection_type:Ethernet-EAP,connection_type:Ethernet-NoEAP,connection_type:WIRED_MAC_AUTH sources=ASD,ASDUser autoregister=enabled locale= access_registration_when_registered=disabled reuse_dot1x_credentials=enabled root_module=test dot1x_recompute_role_from_portal=0 -----Original Message----- From: Fabrice Durand via PacketFence-users <[email protected]> Sent: 12 July 2019 19:28 To: [email protected] Cc: Fabrice Durand <[email protected]> Subject: Re: [PacketFence-users] 802.1x Max nodes per user... Hello, it's probably because in your authentication source no rules match and it doesn't return any role and access duration. use bin/pftest to be sure that your username match with a rule. Regards Fabrice Le 19-07-08 à 23 h 58, esouzabh--- via PacketFence-users a écrit : > I’m facing the same problem. How can I ensure that some user can login just > one time daily? > > Att., > Emannuel Souza > > > Em 8 de jul de 2019, à(s) 06:42, John Sayce via PacketFence-users > <[email protected]> escreveu: > >> Hi, >> >> Does the max nodes per user limitation apply for devices that authenticate >> with 802.1x. I use mac authentication in our guest network and users are >> limited to the number of nodes specified, however staff using the 802.1x >> authentication appear to be able to register as many devices as they wish? >> Is this by design or is some additional configuration required? I'm >> currently using version 6.5.1. >> >> Thanks >> John Sayce >> >> >> _______________________________________________ >> PacketFence-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/packetfence-users > > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Fabrice Durand [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
