Yes.. google ldap is just a setting under google's workspace. I committed some additional documentation to PF's google ldap / documentation here (its not in the public builds yet)
https://github.com/inverse-inc/packetfence/blob/devel/docs/installation/google_workspace_ldap.asciidoc You need to enable the LDAP service from google workspace's console. You will be able to get group memberships.. etc.. you can find several threads here in the mailing list about that. But for schools.. this is definitively the way to go. cheers On Fri, Oct 28, 2022 at 12:02 PM Paulo Colomés <pcolo...@nis.cl> wrote: > Thanks Diego, > > I´ve never used Google LDAP tbh, and yes, the end customer is a school. Do > you know if Google LDAP gets automatically populated with the Workspace > accounts (they currently own like 5.000 acounts)? > > Paulo Colomés > Ingeniero de Proyectos TI - NIS.CL > Web: www.nis.cl > Teléfono: +56-9-84053482 > > On 28-10-2022, at 12:00, Diego Garcia del Rio <garc...@gmail.com> wrote: > > You should look into using google LDAP. > > Google Oauth is not really supported by google in the captive portal > browser of most phones now a days. Also, you can't limit the google > authentication to a single domain (I had posted some changes to support a > specific google domain but those never made it upstream). So any google > account would work. > > I strongly suggest you look into the google LDAP integration instead (its > free for schools). If you're not a school though, it might require some of > the more expensive google workspace plans. > > > > On Thu, Oct 27, 2022 at 9:20 AM Paulo Colomés via PacketFence-users < > packetfence-users@lists.sourceforge.net> wrote: > >> Good morning everyone. >> >> We are willing to deploy a combined solution with a Cisco WLC (plus Cisco >> APs) and PacketFence to create a unique SSID with a Captive Portal using >> Google Authentication (all of our users have a Google Workspace account) >> but some questions arose during the planning phase: >> >> 1. It is possible to use PacketFence in this scenario? We are not using >> Active Directory at all but only Google to authenticate users. >> 2. Do you know if it's possible to set up this Captive Portal to make >> users enter their Google credentials only once every 30 days? We don´t want >> to make them authenticate every day. I think this is a AAA feature on >> PacketFence, but I am not sure about the Google authentication integration. >> Our main goal is to deploy the Google authentication page when a user >> connects to the WiFi and leave them online for 30 days without asking them >> to re-authenticate. >> >> Thanks in advance >> >> Paulo Colomés >> Ingeniero de Proyectos TI - NIS.CL <http://nis.cl/> >> Web: www.nis.cl >> Teléfono: +56-9-84053482 >> >> >> >> _______________________________________________ >> PacketFence-users mailing list >> PacketFence-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/packetfence-users >> > >
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
