Re: [PacketFence-users] Help on AD and Realms conf on PF cluster

2023-06-22 Thread Fabrice Durand via PacketFence-users 
Hello Adrian,

in fact when the doc say to join then it a samba join.
So each servers needs to be joined to the domain (you should see a machine
account for each of them in the AD).

Regards
Fabrice


Le jeu. 22 juin 2023 à 11:54, Adrian Dessaigne via PacketFence-users <
packetfence-users@lists.sourceforge.net> a écrit :

> Hello team !
>
> I have recentrly set up a new instance of PacketFence wich have 3 servers
> and clusturised using the "Clustering Guide".
> It work good and no issues on synching. However I'm confused on how you're
> supposed to configure the AD and the Realms on a cluster setup.
>
> In the install documentation, it's mentionned : "If you are using an
> Active/Active cluster, each member of the cluster must be joined
> separately. Please follow the instructions in the PacketFence Clustering
> Guide."
> But on the clustering guide : "Next, make sure to join domains through
> Configuration → Policies And Access Control → Domains → Active Directory
> Domains on each node"
>
> At first I tough the AD Domains configs weren't synchronised but they are.
> So am I supposed to add a domain for each servers ? (if I only add one,
> synch, and I then join one by one, the previous servers loose the link and
> the join don't work anymore).
>
> If I have to add 3 domains configuration, one for each server, how do I
> configure the realms since I can only bind one domain ?
>
> I tested a few configuration but none are suitable.
>
> What is the best practice and what's the good way to configure the AD +
> Realms on a cluster ?
>
> Thanks a lot for your answers.
> Greats,
> Adrian.
> EnregistrerEnregistrer
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Radius - AD

2023-06-22 Thread Jose Rivero via PacketFence-users 
Hello friends, it is my first time to set up this system. Follow the 
documentation to link to my domain controller. But I don't understand why the 
Radius server accepts any user pass when it performs a verification test. Have 
you ever had this problem?


Grateful for your support.

Jose Rivero
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Help on AD and Realms conf on PF cluster

2023-06-22 Thread Adrian Dessaigne via PacketFence-users 
Hello team ! 

I have recentrly set up a new instance of PacketFence wich have 3 servers and 
clusturised using the "Clustering Guide". 
It work good and no issues on synching. However I'm confused on how you're 
supposed to configure the AD and the Realms on a cluster setup. 

In the install documentation, it's mentionned : "If you are using an 
Active/Active cluster, each member of the cluster must be joined separately. 
Please follow the instructions in the PacketFence Clustering Guide." 
But on the clustering guide : "Next, make sure to join domains through 
Configuration → Policies And Access Control → Domains → Active Directory 
Domains on each node" 

At first I tough the AD Domains configs weren't synchronised but they are. So 
am I supposed to add a domain for each servers ? (if I only add one, synch, and 
I then join one by one, the previous servers loose the link and the join don't 
work anymore). 

If I have to add 3 domains configuration, one for each server, how do I 
configure the realms since I can only bind one domain ? 

I tested a few configuration but none are suitable. 

What is the best practice and what's the good way to configure the AD + Realms 
on a cluster ? 

Thanks a lot for your answers. 
Greats, 
Adrian. 
Enregistrer Enregistrer 
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Google LDAPs - 802.1x User Authentication - Regarding

2023-06-22 Thread Zammit, Ludovic via PacketFence-users 
Hello,

The answer in probably in the logs.

/usr/local/pf/logs/packetfence.log

/usr/local/pf/logs/radius.log

Thanks,

Ludovic Zammit
Product Support Engineer Principal Lead

Cell: +1.613.670.8432
Akamai Technologies - Inverse
145 Broadway
Cambridge, MA 02142
Connect with Us:   
    
  
  


> On Jun 16, 2023, at 7:32 AM, P.Thirunavukkarasu via PacketFence-users 
>  wrote:
> 
> Hi Team,
> We configured the packetfence for 802.1x wifi authentication with Google LDAPs
> 
> Users authentication happened with Android mobile, at the same time the same 
> user could not authenticate their credentials in Windows devices and failed 
> to connect with Wi-Fi
> What is the issue? Is it due to the server certificate issue?
> Thanks & Regards,
> Thirunavukkarasu
> 
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!XJWtMEkkDnGHAM0XG0hsuAJ82hfMyB7XUm5CzxAPsz2LemceFcHFzLC5Y2FgbNKLc59SomFXSnMUOF502CNm7AhVcQu0jfVsCuTDyA$
>  



smime.p7s
Description: S/MIME cryptographic signature
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Packetfence integration with Crowdstrike and Mimecast

2023-06-22 Thread Jimmy Sia via PacketFence-users 
Hi,

I would like to know if there is a  prebuild API of packetfence for
integration with Crowdstrike and Mimecast. Otherwise, is there any way we
can customize the PF API for the purpose? Says integrates with mimecast,
and based on Mimecast event logs of malicious attachment in an email sent
to a user mailbox, that event get feeds to PF for isolation of the user's
laptop. Or integrates with Crowdstrike, based on IOC Or threat detection
event of the user's laptop, the events get feeds to PF for isolation of the
user laptop from the network.

Just want to know if the integration between the 2 and PF is possible?

Thanks.
Jimmy
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Packetfence integration with crowdstrike and mimecast

2023-06-22 Thread Jimmy Sia via PacketFence-users 
Hi,

Does anyone know if packetfence can be integrated with mimecast and
crowdstrike?
Any relevant documentation would be good.

Thanks.
Jimmy
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Google LDAPs - 802.1x User Authentication - Regarding

2023-06-22 Thread P.Thirunavukkarasu via PacketFence-users 
Hi Team,
We configured the packetfence for 802.1x wifi authentication with Google
LDAPs

Users authentication happened with Android mobile, at the same time the
same user could not authenticate their credentials in Windows devices and
failed to connect with Wi-Fi
What is the issue? Is it due to the server certificate issue?
Thanks & Regards,
Thirunavukkarasu
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users