Hello Nadim,
here what happen:
Feb 10 13:15:08 fennec packetfence_httpd.aaa: httpd.aaa(15955) INFO:
[mac:a4:e9:75:4e:95:5d] handling radius autz request: from switch_ip =>
(10.2.75.11), connection_type => Wireless-802.11-EAP,switch_mac =>
(5c:5b:35:a8:10:33), mac => [a4:e9:75:4e:95:5d], port => 0, username =>
"[email protected]", ssid => eduroam (pf::radius::authorize)
Feb 10 13:15:08 fennec packetfence_httpd.aaa: httpd.aaa(15955) INFO:
[mac:a4:e9:75:4e:95:5d] Instantiate profile non-sc-eduroam-users
(pf::Connection::ProfileFactory::_from_profile)
Feb 10 13:15:08 fennec packetfence_httpd.aaa: httpd.aaa(15955) INFO:
[mac:a4:e9:75:4e:95:5d] Found authentication source(s) : '' for realm
'springfieldcollege.edu' (pf::config::util::filter_authentication_sources)
Feb 10 13:15:08 fennec packetfence_httpd.aaa: httpd.aaa(15955) WARN:
[mac:a4:e9:75:4e:95:5d] No category computed for autoreg
(pf::role::getNodeInfoForAutoReg)
Feb 10 13:15:08 fennec packetfence_httpd.aaa: httpd.aaa(15955) WARN:
[mac:a4:e9:75:4e:95:5d] Switch type 'pf::Switch::Generic' does not
support MABFloatingDevices (pf::SwitchSupports::__ANON__)
Feb 10 13:15:08 fennec packetfence_httpd.aaa: httpd.aaa(15955) INFO:
[mac:a4:e9:75:4e:95:5d] Found authentication source(s) : '' for realm
'springfieldcollege.edu' (pf::config::util::filter_authentication_sources)
PacketFence instantiate the profile non-sc-eduroam-users but is not able
to find any sources to compute the rules.
My assumption is that you enabled auto registration on the connection
profile but you didn't defined any sources.
So edit the connection profile and assign an authentication source on it
(you probably have an AD one).
Regards
Fabrice
Le 20-02-10 à 14 h 34, Nadim El-Khoury a écrit :
Hi Fabrice,
Please find attached the packetfence.log file.
The username is [email protected]
<mailto:[email protected]>
Best,
Nadim
On Fri, Feb 7, 2020 at 10:09 PM Durand fabrice via PacketFence-users
<[email protected]
<mailto:[email protected]>> wrote:
Hello Nadim
Le 20-02-05 à 02 h 19, Nadim El-Khoury via PacketFence-users a écrit :
Hi Everyone,
It does not look like that PF 9.3.0 is able to assign the right
connection profile once a user is authenticated.
Question 1) Why is the right connection profile not being picked
up based on the created filter?
probably a wrong filter
Question 2) Can the default connection profile be disabled?
no
Question 3) Why is the system not entering the right owner for
the registered device after successful authentication?
No profile , so no source, so no user.
Question 4) Why is the connection profile is set to N/A when it
does not properly match a profile?
because packetfence is not able to compute the connection profile.
When running the /usr/local/pf/bin/pftest authentication username ""
The command returns the right AD group the user is part of.
Recomputing of roles does not seem to be working if a device is
successfully registered with another user or owner. So, if a new
user uses the same device the role is not recomputed and the new
user using the same old registered device ends up with the same
previous role as the previous user.
Question 1) How can we change the above behavior?
share your packetfence.log file when the device connect and we
will have the answer.
Regards
Fabrice
Your help is very much appreciated.
Best,
Nadim
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
