Re: [PacketFence-users] How do I update to version 5.7

2016-06-22 Thread Morgan, Joel P. 
I was able to upgrade from 5.4 to 5.7 using "yum update packetfence-5.7.0 
--enablerepo=packetfence" but these services won't start:

radiusd-acct
radius
radsniff3

Here is the error I get when I start radiusd in debug mode:

radiusd -X -d /usr/local/pf/raddb

Starting - reading configuration files ...
including dictionary file /usr/share/freeradius/dictionary
including dictionary file /usr/share/freeradius/dictionary.dhcp
including dictionary file /usr/share/freeradius/dictionary.vqp
Errors reading /usr/local/pf/raddb/dictionary: dict_init: 
/usr/local/pf/raddb/dictionary[47]: dict_addattr: Duplicate attribute name 
Called-Station-SSID

If I edit /usr/local/pf/raddb/dictionary and comment out the line that gives 
the error:

#ATTRIBUTE  Called-Station-SSID 3010string

Startup gets much further:

including configuration file 
/usr/local/pf/raddb/sites-enabled/packetfence-tunnel
including configuration file /usr/local/pf/raddb/sites-enabled/packetfence
/usr/local/pf/raddb/sites-enabled/packetfence[69]: Parse error in condition
/usr/local/pf/raddb/sites-enabled/packetfence[69]: (!EAP-Type || (EAP-Type != 
EAP-TTLS  && EAP-Type != PEAP)) {
/usr/local/pf/raddb/sites-enabled/packetfence[69]:^ 
Failed to parse value for attribute
Errors reading or parsing /usr/local/pf/raddb/radiusd.conf


I followed the upgrade doc to the letter. Does anyone know how I can 
troubleshoot this? This is the section with line 69.

 69 if (!EAP-Type || (EAP-Type != EAP-TTLS  && EAP-Type != PEAP)) {
 70 update control {
 71 PacketFence-RPC-Server = ${rpc_host}
 72 PacketFence-RPC-Port = ${rpc_port}
 73 PacketFence-RPC-User = ${rpc_user}
 74 PacketFence-RPC-Pass = ${rpc_pass}
 75 PacketFence-RPC-Proto = ${rpc_proto}
 76 }
 77 packetfence
 78 sql




--
Attend Shape: An AT Tech Expo July 15-16. Meet us at AT Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Using DNS names instead of IP's when creating a new switch/ap

2016-06-22 Thread Dustin Berube 
Good afternoon,

I did some searching in both the issues list on github and the mailing list
and didn't really see anything pertaining to this.

Has there been any discussion about allowing the ability to use DNS names
or IP addresses when creating a new switch or AP? In our environment it
would be easier to reference all of our infrastructure using DNS since we
have the DNS infrastructure already built out for this.

Let me know if you see any reasons why this wouldn't be feasible from an
design/architecture point of view.

Thanks,
Dustin
--
Attend Shape: An AT Tech Expo July 15-16. Meet us at AT Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] ANN: PacketFence v6.1.0

2016-06-22 Thread Holger.Patzelt 
☺
Yeah, thanks. that helped


--
DEUTSCHE TELEKOM HEALTHCARE AND SECURITY SOLUTIONS GMBH

Holger Patzelt
Pascalstr. 11, 10587 Berlin
Telefon: +49 30 8353 84591  Telefax: +49 30 8353 84429 (Tel)
E-Mail: holger.patz...@t-systems.com

Von: Louis Munro [mailto:lmu...@inverse.ca]
Gesendet: Mittwoch, 22. Juni 2016 17:15
An: packetfence-users@lists.sourceforge.net
Betreff: Re: [PacketFence-users] ANN: PacketFence v6.1.0


--
Louis Munro
lmu...@inverse.ca  ::  
www.inverse.ca
+1.514.447.4918 x125  :: +1 (866) 353-6153 x125
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and 
PacketFence (www.packetfence.org)

On Jun 22, 2016, at 11:05 , 
> 
> wrote:

Checking configuration sanity...
FATAL - The PacketFence database schema version '6.0.0' does not match the 
current installed version '6.1.0'
Please refer to the UPGRADE guide on how to complete an upgrade of PacketFence


Actually, the upgrade guide mentions running the db/upgrade-6.0.0-6.1.0.sql 
script.
But, unfortunately there’s an error in the script in 6.1.0.

That has been fixed in 6.1.1.
Just do a
# yum clean all --enablerepo=packetfence
# yum upgrade packetfence

and you will get the corrected version of the script.




The update Guide says:
"Once completed, update the file /usr/local/pf/conf/currently-at to match the 
new release number (PacketFence 6.1.0)."

But as the file does not exist on this (was-ZEN-6.0.0) installation, and the 
update-Document does not tell its format or exact contents,
I am stuck again...

Run
# /usr/local/pf/bin/pfcmd version > /usr/local/pf/conf/currently-at

Regards,
--
Louis Munro
lmu...@inverse.ca  ::  
www.inverse.ca
+1.514.447.4918 x125  :: +1 (866) 353-6153 x125
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and 
PacketFence (www.packetfence.org)

--
Attend Shape: An AT Tech Expo July 15-16. Meet us at AT Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Can not join AD domain (for radius) on PF 6.1 on debian jessie

2016-06-22 Thread frm frm 
Hi,

Ultimately, I want to install pf on debian jessie.

However, for the use of Radius,  I do not succeed to join my (samba) AD
domain with PF 6.1. on debian jessie).
Via the web interface, I get the error:

Test join fail!Enter PF$@...'s password:

I registered with the administrator account and the correct password.

Manually joining the samba AD domain succeeds.

However, running the script fails (perl /usr/local/pf/addons/AD/migrate.pl).
It gives a syntax error on the file domain.conf, because the domain expands
to

this


I replaced in the perl script:
# my $WORKGROUP = pf_run('grep workgroup /etc/samba/smb.conf | awk \'{print
$3}\'');
my $WORKGROUP = "MYDOMAIN";

Then the script starts.

However, then I get:

Are these settings fine ? This is your last chance before the domain bind.
(y/n)y
touch: cannot touch '/var/cache/samba MYDOMAIN /secrets.tdb': No such file
or directory
cp: cannot stat '/var/cache/samba MYDOMAIN ': No such file or directory
touch: cannot touch '/var/cache/samba MYDOMAIN /secrets.tdb': No such file
or directory
cp: cannot stat '/var/cache/samba MYDOMAIN N': No such file or directory
mkdir failed on directory /var/cache/samba/lck: No such file or directory
Could not initialise message context. Try running as root
domain join : Failed to join domain: Access is denied

touch: cannot touch '/var/cache/samba MYDOMAIN /secrets.tdb': No such file
or directory
cp: cannot stat '/var/cache/samba MYDOMAIN: No such file or directory
Hard expiring resource : config::Domain
Expiring child resource resource::domain_dns_servers. Master resource is
config::Domain
Hard expiring resource : resource::domain_dns_servers
Done. If there were any issues joining the domain, you can now use the web
interface to fix the issues (Configuration->Domains)

How can I add pf succesfully to my domain on debian?

Best,

-- JG




--
Attend Shape: An AT Tech Expo July 15-16. Meet us at AT Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users