Re: [PacketFence-users] Clustering Guide Sanity Check

Seems that I had my nose on a bug. https://github.com/inverse-inc/packetfence/issues/5667 /closing Thanks all! On Tue, Jul 7, 2020 at 12:16 PM Christian McDonald wrote: > I've also discovered what appears to be an issue in haproxy-admin.conf > > https://pastebin.com/GpFQCtJD > > This line is

Re: [PacketFence-users] routed network - dhcp server on distant networks

Hello there, You could use a different DHCP server as long it distributes the correct (same) DHCP settings. You will lose some DHCP profiling finger bak feature offloading the DHCP service elsewhere. Thanks, Ludovic Zammit lzam...@inverse.ca :: +1.514.447.4918

Re: [PacketFence-users] Clustering Guide Sanity Check

The only obvious issue I see in packetfence.log related to haproxy-admin is: Jul 7 11:47:08 pf1 packetfence: -e(6841) WARN: Use of uninitialized value $portal_preview_ip in concatenation (.) or string at /usr/local/pf/lib/pf/services/manager/haproxy_admin.pm line 219.

[PacketFence-users] R: R: R: Authentication Rules mismatch

the problem seems to be the "Cache match" function - Will cache results of matching a rule. and not the cn ... if off "Cache match" in Authentication Source configuration i solve the problem thank to Ludovic Zammit for support Bye GC */*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/ */

[PacketFence-users] routed network - dhcp server on distant networks

Hello, i have read topics about routed network configuration in PF installation guide (https://packetfence.org/doc/PacketFence_Installation_Guide.html#_routed_networks). I understand that, in this case DHCP server is enable on each interfaces of the PK box, and DHCP helpers are enable on

Re: [PacketFence-users] Clustering Guide Sanity Check

Still getting the 'could not write namespace ... L2 cache' errors. On Tue, Jul 7, 2020 at 7:49 AM Nicolas Quiniou-Briand via PacketFence-users wrote: > If I was you, I will: > - break the `--force-new-cluster` command > - completely stop any MariaDB service > - restart at this step: > > #v+ >

Re: [PacketFence-users] Clustering Guide Sanity Check

Seems that the galera side is operational and replicating...I see all three nodes in incoming_addresses and operational status is 'synced' on all three nodes too. keepalive seems to be working fine too. Only problem is that haproxy-admin isn't starting on the primary node.

Re: [PacketFence-users] Clustering Guide Sanity Check

I've also discovered what appears to be an issue in haproxy-admin.conf https://pastebin.com/GpFQCtJD This line is missing an argument, which is preventing haproxy-admin from starting. http-request set-header Host On Tue, Jul 7, 2020 at 11:50 AM Christian McDonald wrote: > The only obvious

Re: [PacketFence-users] R: R: Authentication Rules mismatch

Hello, you don't have search attributes. Is it normal? Le mar. 7 juil. 2020 à 14:45, Giacinto Caretto via PacketFence-users < packetfence-users@lists.sourceforge.net> a écrit : > in the test i use "giacinto.caretto" as user ; the correct rule is the > second a not the first > > > Authentication

[PacketFence-users] R: R: Authentication Rules mismatch

in the test i use "giacinto.caretto" as user ; the correct rule is the second a not the first Authentication Source “DIPENDENTI-Test” [DIPENDENTI-Test] cache_match=0 read_timeout=10 realms=default,eneait,null basedn=OU=UO-Dipendenti,DC=XXX,DC=YY monitor=0 password= shuffle=0

Re: [PacketFence-users] Clustering Guide Sanity Check

If I was you, I will: - break the `--force-new-cluster` command - completely stop any MariaDB service - restart at this step: #v+ systemctl stop packetfence-mariadb /usr/local/pf/bin/pfcmd generatemariadbconfig /usr/local/pf/sbin/pf-mariadb --force-new-cluster #v- -- Nicolas Quiniou-Briand

Re: [PacketFence-users] R: Authentication Rules mismatch

Hello, It's simply because your first rule match and PacketFence stop at first match. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank

[PacketFence-users] R: Authentication Rules mismatch

I did a test through a physical pc I used the user "giacinto.caretto" which in the Authentication Source "DIPENDENTI-Test" has a specific "Authentication Rules" (access duration 3h) but the algorithm assigns the "access duration" of the "authentication rules" built for the user "