Re: [PacketFence-users] Packetfence Authentication fails with Module-Failure-Message = "chrooted_mschap: No logon servers are currently available to service the logon request

[Fabrice Durand via PacketFence-users]

Hello Stephen,

it´s a reply from winbindd, so check if you server is correctly joined and
maybe restart packetfence-winbindd.
Also you can go in the chroot like that:

chroot /chroot/"you domain name"
wbinfo -P

it should return the connected AD server.

Regards
Fabrice


Le jeu. 22 sept. 2022 à 11:17, Stephen Tseen Fayum via PacketFence-users <
packetfence-users@lists.sourceforge.net> a écrit :

> Hello
>
> I am new to Packetfence, and I am trying to set it up, but I am getting
> the following errors.
>
> Module-Failure-Message = "chrooted_mschap: Program returned code (1) and
> output 'No logon servers are currently available to service the logon
> request. (0xc05e)'" Module-Failure-Message = "chrooted_mschap: No logon
> servers are currently available to service the logon request. (0xc05e)"
>
> Can someone help me with this?
>
>
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Auth Failed with openldap 【2nd Try】

[Fabrice Durand via PacketFence-users]

Hello,

i think in the ldap config you need to enable that:

control:NT-Password := 'ntPassword'

and ntPassword is supposed to be the attribute in the ldap that matches the
user password.

Regards
Fabrice


Le mer. 21 sept. 2022 à 22:51, 梁伟俊  a écrit :

> Fabrice
>
> Thanks for your reply , the raddebug log & ldap config as attachment for
> your reference
>
> --
> Weijun Liang
> best regard,
>
>
> *发件人：* Fabrice Durand via PacketFence-users
> 
> *发送时间：* 2022-09-22 09:59
> *收件人：* packetfence-users 
> *抄送：* Fabrice Durand 
> *主题：* Re: [PacketFence-users]Auth Failed with openldap 【2nd Try】
> Hello,
>
> it´s something like that you have to follow.
>
> https://www.packetfence.org/doc/PacketFence_Installation_Guide.html#_eap_authentication_against_openldap
>
> It´s been a long time i did that and it will probably needs to be adjusted.
>
> Let me know how it goes and provide me raddebug log if possible and i will
> try to help you.
>
> Regards
> Fabrice
>
>
> Le mer. 21 sept. 2022 à 11:54, 梁伟俊 via PacketFence-users <
> packetfence-users@lists.sourceforge.net> a écrit :
>
>> Hello
>>
>> Try it again
>>
>> --
>> liangwei...@dslyy.com
>>
>>
>> *发件人：* 梁伟俊 via PacketFence-users
>> 
>> *发送时间：* 2022-09-20 16:46
>> *收件人：* packetfence-users 
>> *抄送：* 梁伟俊 
>> *主题：* [PacketFence-users] Auth Failed with openldap
>> hello
>>
>> endpoint authenticate using Mschapv2 with openldap was failed ,
>> userpassword is plaintext in database , Is there any incorroect settings
>> there, please correct me, thanks
>>
>> (54) Tue Sep 20 14:30:07 2022: Debug:   Found Auth-Type = openldap
>> (54) Tue Sep 20 14:30:07 2022: Debug:   # Executing group from file
>> /usr/local/pf/raddb/sites-enabled/packetfence-tunnel
>> (54) Tue Sep 20 14:30:07 2022: Debug: Auth-Type openldap {
>> (54) Tue Sep 20 14:30:07 2022: WARNING: openldap: You have set "Auth-Type
>> := LDAP" somewhere
>> (54) Tue Sep 20 14:30:07 2022: WARNING: openldap:
>> *
>> (54) Tue Sep 20 14:30:07 2022: WARNING: openldap: * THAT CONFIGURATION IS
>> WRONG.  DELETE IT.
>> (54) Tue Sep 20 14:30:07 2022: WARNING: openldap: * YOU ARE PREVENTING
>> THE SERVER FROM WORKING
>> (54) Tue Sep 20 14:30:07 2022: WARNING: openldap:
>> *
>> (54) Tue Sep 20 14:30:07 2022: ERROR: openldap: Attribute "User-Password"
>> is required for authentication
>>
>> *Desktop informations :*
>>
>>- OS: win10
>>- use 802.1x
>>- PacketFence Version 12.0.0
>>
>> attach the config & erro log
>>
>>
>> --
>> best regard,
>>
>> ___
>> PacketFence-users mailing list
>> PacketFence-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] HP 1910 (JE007A) switch configuration

[Stephen Tseen Fayum via PacketFence-users]

Hello Regimantas

I had a similar issue with HPE OfficeConnect 1950 (JG963A), but was able to
fix it by installing the ISO installation method instead of OVA
installation method
Therefore I will suggest try the ISO installation option as well

Regards

On Thu, Sep 22, 2022 at 4:17 PM Regimantas Pabrėža via PacketFence-users <
packetfence-users@lists.sourceforge.net> wrote:

> Hello,
>
> I'm trying to setup HP 1910 switch to authenticate AD users via RADIUS
> (packetfence)
>
> I downloaded OVA file and uploaded to my vcenter and started the VM.
>
> I did everything as stated in documentation:
>
> https://www.packetfence.org/doc/PacketFence_Installation_Guide.htm
>
> And instead of Example Cisco Catalyst 2960 I configured HP 1910
>
>
> https://www.packetfence.org/doc/PacketFence_Network_Devices_Configuration_Gu
> ide.html#_hpe_1910_serie
> 
>
> Then I reach the testing part and connect my laptop to configured switch
> port computer pops-up sign-in option but whatever username and password I
> type in authentication fails.
>
> RADIUS audit log is empty.
>
> I'm adding some screenshots of configuration.
>
> How can I troubleshoot or debug this issue?
>
> Pagarbiai,
>
> Regimantas Pabrėža
> IT Administratorius
> UAB „Limedika“
> Erdvės g. 51, Ramučiai, LT – 52114, Kauno raj. Lietuva
> Mob. +370 675 02148
>
>
>
>
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PacketFence captive portal quickstart

[Marco Naimoli via PacketFence-users]

Hello Fabrice, thank you for the answer; for simplicity I started from
scratch with a new installation and configured
the internal interface as inline l2, following the guide, but I was unable
to add "portal" as additional service: when I save,
the service disappear from the input field.
DHCP on that interface works; I've configured also a connection profile
with null authentication and filter "Network"
with the network of the internal interface. Ip forwarding is
enabled, management network has a default gateway and can connect to any
site on internet; client gets ip address
from packetfence and appears on the "Nodes" section with the status of
"Unregistered", but still the registration page
doesn't appear when I try to connect to a http:// site (like
http://www.google.com). I've also tried to set
0.0.0.0/0 on connection profile filter, but nothing changes.
I also tried to enable "Portal" on the management interface
Any hint, direction ? I've read the chapter 10 "Adding inline enforcement
to existing installation": is there other configurations
on other chapters?
Thank you
Best Regards
Marco


Il giorno gio 22 set 2022 alle ore 04:02 Fabrice Durand 
ha scritto:

> Hello Marco,
>
> you can try the inline setup.
> One interface is configured as inline l2 and the other one as the
> management interface (facing internet)
> So when you plug something in the inline network you should be able to see
> the portal. (it´s really the first thing you need to achieve)
> Btw you will have to add more config in order to do SAML.
>
> Regards
> Fabrice
>
>
> Le mar. 20 sept. 2022 à 14:23, Marco Naimoli via PacketFence-users <
> packetfence-users@lists.sourceforge.net> a écrit :
>
>> Hi, I'm new to PacketFence; I've installed a new instance (ZEN) and would
>> like to configure a
>> (simple) captive portal with SAML authentication;
>> it should be something like
>> client --> PacketFence ---> internet
>> Is this kind of setup supported ? In the documentation I find only
>> examples that involves the configuration of a switch
>> I've tried to configure it, but the client is never redirect to the
>> Identity Provider (I've configured the passthrough with the Identity
>> Provider hostname)
>> Is there any example about a Captive portal setup other than the official
>> documentation ?
>> Thank you
>> Marco
>> ___
>> PacketFence-users mailing list
>> PacketFence-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Developer Guide Updates?

[Simon Sutcliffe via PacketFence-users]

Dear Team

We have installed V12 of Packetfence from the ZEN file.  Now that you have 
containerized much of the services it appears the guide does not really match 
any longer on how to handle changes to the captive portal

https://www.packetfence.org/doc/PacketFence_Developers_Guide.html#_captive_portal

Looking at the locations mentioned in the guide now we only see the following 
directories.

[cid:7566cb60-d334-4625-a509-2b1905e5c4e5]

How should we now make the changed to items like the logo on the logon page

Kind Regards

Simon


Simon Sutcliffe
IT Architect, Workplace Solutions

T +44 1733 336600 | M +44 7775 823368 | E 
simon.sutcli...@rhdhv.com  | W 
www.royalhaskoningdhv.com
HaskoningDHV UK Ltd., a company of Royal HaskoningDHV


[cid:85a5fa15-6f0d-4d8b-b05d-1524931a3589]

This email and any attachments are intended solely for the use of the 
addressee(s); disclosure or copying by others than the intended person(s) is 
strictly prohibited. If you have received this email in error, please treat 
this email as confidential, notify the sender and delete all copies of the 
email immediately
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Packetfence Authentication fails with Module-Failure-Message = "chrooted_mschap: No logon servers are currently available to service the logon request

[Stephen Tseen Fayum via PacketFence-users]

Hello

I am new to Packetfence, and I am trying to set it up, but I am getting the
following errors.

Module-Failure-Message = "chrooted_mschap: Program returned code (1) and
output 'No logon servers are currently available to service the logon
request. (0xc05e)'" Module-Failure-Message = "chrooted_mschap: No logon
servers are currently available to service the logon request. (0xc05e)"

Can someone help me with this?
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PacketFence captive portal quickstart

[Marco Naimoli via PacketFence-users]

Hello, just a little update: if I set browser (in the client) to http://[ip
of pf inlinel2 interface]/captive_portal everything
works as expected, the client registers successfully and its status becomes
registered
Best Regards
Marco


Il giorno gio 22 set 2022 alle ore 11:30 Marco Naimoli <
marco.naim...@unipd.it> ha scritto:

> Hello Fabrice, thank you for the answer; for simplicity I started from
> scratch with a new installation and configured
> the internal interface as inline l2, following the guide, but I was unable
> to add "portal" as additional service: when I save,
> the service disappear from the input field.
> DHCP on that interface works; I've configured also a connection profile
> with null authentication and filter "Network"
> with the network of the internal interface. Ip forwarding is
> enabled, management network has a default gateway and can connect to any
> site on internet; client gets ip address
> from packetfence and appears on the "Nodes" section with the status of
> "Unregistered", but still the registration page
> doesn't appear when I try to connect to a http:// site (like
> http://www.google.com). I've also tried to set
> 0.0.0.0/0 on connection profile filter, but nothing changes.
> I also tried to enable "Portal" on the management interface
> Any hint, direction ? I've read the chapter 10 "Adding inline enforcement
> to existing installation": is there other configurations
> on other chapters?
> Thank you
> Best Regards
> Marco
>
>
> Il giorno gio 22 set 2022 alle ore 04:02 Fabrice Durand <
> oeufd...@gmail.com> ha scritto:
>
>> Hello Marco,
>>
>> you can try the inline setup.
>> One interface is configured as inline l2 and the other one as the
>> management interface (facing internet)
>> So when you plug something in the inline network you should be able to
>> see the portal. (it´s really the first thing you need to achieve)
>> Btw you will have to add more config in order to do SAML.
>>
>> Regards
>> Fabrice
>>
>>
>> Le mar. 20 sept. 2022 à 14:23, Marco Naimoli via PacketFence-users <
>> packetfence-users@lists.sourceforge.net> a écrit :
>>
>>> Hi, I'm new to PacketFence; I've installed a new instance (ZEN) and
>>> would like to configure a
>>> (simple) captive portal with SAML authentication;
>>> it should be something like
>>> client --> PacketFence ---> internet
>>> Is this kind of setup supported ? In the documentation I find only
>>> examples that involves the configuration of a switch
>>> I've tried to configure it, but the client is never redirect to the
>>> Identity Provider (I've configured the passthrough with the Identity
>>> Provider hostname)
>>> Is there any example about a Captive portal setup other than the
>>> official documentation ?
>>> Thank you
>>> Marco
>>> ___
>>> PacketFence-users mailing list
>>> PacketFence-users@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>
>>
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users