Hello David, Are you doing 802.1x or Mac authentication ?
Thanks, Ludovic Zammit lzam...@inverse.ca <mailto:lzam...@inverse.ca> :: +1.514.447.4918 (x145) :: www.inverse.ca <https://www.inverse.ca/> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu <http://www.sogo.nu/>) and PacketFence (http://packetfence.org <http://packetfence.org/>) > On Mar 11, 2021, at 7:44 AM, David Harvey <da...@thoughtmachine.net> wrote: > > Thanks Ludovic, > > I've been having some difficulty on the bulk import of users to ensure > they're created, but that's another problem for another thread ;) > For existing users if I import using the `./pfcmd import nodes` method I > still have to pick between them using a default role value , or specifying it > in the csv directly. > ```[default-role=<role>] is the default role when none is defined via the > import file. > When none is specified, it defaults to node_import.category in pf.conf > > Is there a way to ensure that an updated node keeps its current role or > recalculates against the owner? > > Thanks again for your help, > David > > On Mon, Mar 8, 2021 at 8:02 PM Ludovic Zammit <lzam...@inverse.ca > <mailto:lzam...@inverse.ca>> wrote: > Hello David, > > Make sure all those users are already created before the import or use > “default”. > > Thanks, > > Ludovic Zammit > lzam...@inverse.ca <mailto:lzam...@inverse.ca> :: +1.514.447.4918 (x145) :: > www.inverse.ca <https://www.inverse.ca/> > Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu > <http://www.sogo.nu/>) and PacketFence (http://packetfence.org > <http://packetfence.org/>) > > > > > > > >> On Feb 26, 2021, at 12:31 PM, David Harvey via PacketFence-users >> <packetfence-users@lists.sourceforge.net >> <mailto:packetfence-users@lists.sourceforge.net>> wrote: >> >> Experimenting on the same topic I have also found inconsistent behaviour >> with "./pfcmd import nodes /tmp/testimport.csv columns=mac,pid,category" >> >> 00:54:E8:61:32:00,auser,developer >> 00:F0:5D:18:93:00,anotheruser,developer >> 00:9a:4c:51:b7:00,andanotherone,developer >> 00:d8:00:e8:a5:00,opsuser,ops >> >> It seems to only set the role (category) every second run if they're all the >> same role, on alternate runs it unsets role altogether for the nodes. If I >> attempt a mix of roles is seems to set one role type and unsets the other! >> I hope that I can avoid setting the role here altogether given my initial >> query on using the existing source and mechanisms, but thought it worth >> mentioning. >> >> pf 10.2.0 On Debian 9.13 >> Thanks, >> David >> >> On Fri, Feb 26, 2021 at 2:59 PM David Harvey <da...@thoughtmachine.net >> <mailto:da...@thoughtmachine.net>> wrote: >> Dear Packetfence users, >> >> I'm looking for advice on updating my node owners whilst preserving or >> recalculating roles. >> With many new users working from home, their nodes have been registered as a >> default owner, with the role being manually set. Although I have a >> configured LDAP source which applies roles correctly to portal users, the >> users haven't been present to login through the portal. >> >> I'm looking to update the ownership with asset data that maps MAC to user >> using /pfcmd import nodes, but to do so requires the roles to be available >> on the csv file, or otherwise to set a default value. >> >> Is there a way to recalculate the role for a node from its owner information >> using an existing LDAP authentication source? Sadly I don't think I can use >> "dot1x recompute role from portal" as my my certs are machine certs and >> don't have the owner/pid present. I"ve been struggling to find info on the >> "MAC auth computer role from portal" option. >> >> Thanks in advance, >> >> David >> >> >> -- >> Data Classification: Public >> >> >> >> -- > > > > Thought Machine Group a limited company registered in England & Wales. > Registered number: 11114277. > Registered Office: 5 New Street Square, London EC4A 3TW > <https://maps.google.com/?q=5+New+Street+Square,+London+EC4A+3TW&entry=gmail&source=g>. > > The content of this email is confidential and intended for the recipient > specified in message only. It is strictly forbidden to share any part of this > message with any third party, without a written consent of the sender. If you > received this message by mistake, please reply to this message and follow > with its deletion, so that we can ensure such a mistake does not occur in the > future.
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
