Hello Diego, in the meantime, thanks for the reply.
In the 'Username Attribute' field, I entered 'uid' and in BaseDN I entered ou = Users, dc = myschool, dc = edu, dc = it as you suggested. By clicking on the 'Test' button you get the result positive, so the indicated parameters are probably correct. On my pf server configured in inline mode, I created a connection profile having as source the local source configured with Google Workspace tested correctly. In the captive portal that appears on the client side in the wifi on the inline network, I enter the credentials of a Google Workspace user, but unfortunately the error "Invalid login or password" comes out despite these credentials are correct (id: usern...@schoolname.edu. It and password). How come? A thousand thanks Da: Diego Garcia del Rio <garc...@gmail.com> Inviato: giovedì 2 giugno 2022 10:48 A: packetfence-users <packetfence-users@lists.sourceforge.net> Cc: leonardo.i...@itsinformatica.it Oggetto: Re: [PacketFence-users] Setting up a local source with Google Workspace most of the defaults should work. For the username Attribute, 'uid' should work. when you click on the "test" button for the bindDn and password, does it work? make sure the ldap service is enabled as well (not just the credentials generated). Its quite annoying as its not readily evident you havent enabled the service Also, using "stunnel" (for certificate-based SSL tunneling to google) and an ldap browser such as "jExplorer" you can test and see if you can browse the ldap tree, make sure the credentials are ok, etc.. The bindDN is "just" the username, like "jdoe" but the BaseDN needs to have the prefix "ou=Users" such as the following: ou=Users,dc=myschool,dc=edu,dc=ar cheers! On Sun, May 29, 2022 at 1:43 PM leonardo.izzo--- via PacketFence-users <packetfence-users@lists.sourceforge.net <mailto:packetfence-users@lists.sourceforge.net> > wrote: Hello everyone, I have some doubts regarding some fields of the source in question. In 'Bind DN' and 'Password' I have to enter the credentials generated by the Google Workspace console -> Authentication section -> "Generate new credentials". Quite right? In the 'Base DN' field I have entered the customer's domain in DN format, i.e. the domain is schoolname.edu.it <http://schoolname.edu.it> so in this field I have entered the string: dc = schoolname, dc = edu, dc = it. Quite right? 'Host' = ldap.google.com <http://ldap.google.com> on SSL port 636 'SSL Verify Mode' = none 'Dead duration' = 60 'Connection timeout' = 1 'Request timeout' = 5 'Response timeout' = 10 'Scope' = Subtree 'Search Attributes' = null 'Append search attributes' = null 'Email Attribute' = mail 'Cache match' = off 'Monitor' = on 'Shuffle' = off 'Associated Realms' = nothing Also I wanted to know what to put in the 'Username Attribute' field. Thanks _______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net <mailto:PacketFence-users@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
