I got it working!!
You were absolutely right about the username. The problem that I discovered
from looking at the log in details, was that was matching my other Active
Directory Authentication Source which didn’t have the “mark as sponsor” setting
configured. It was matching the first one in t
I’ll try and capture that shortly.
Just as a comparison, whenever I use a PacketFence local user that I create to
login as the sponsor, and that i’ve manually marked as a sponsor, things work
fine so it must be the AD authentication and marking as sponsor of that account
that is the problem for
Try to capture the ldap traffic to see what is returned.
Le 20-10-07 à 13 h 24, Louis Scaringella a écrit :
Thank you. I am using that name and just verified that is how it shows in AD
exactly. Whenever I log in with that user, PacketFence says that user doesn’t
have access to sponsor the user
Thank you. I am using that name and just verified that is how it shows in AD
exactly. Whenever I log in with that user, PacketFence says that user doesn’t
have access to sponsor the user. It seems to fail to recognize this user as a
sponsor.
In my AD auth source, there is an admin rule set to “
The sAMAccountName.
Le 20-10-07 à 13 h 17, Louis Scaringella a écrit :
Ok, I have exactly that in my AD auth source now.
When I login as a sponsor, what should I be using? My AD account name or email
address associated with that account and sponsorship?
Louis Scaringella
Security Systems Engi
Ok, I have exactly that in my AD auth source now.
When I login as a sponsor, what should I be using? My AD account name or email
address associated with that account and sponsorship?
Louis Scaringella
Security Systems Engineer
Yellow Dog Networks, Inc
785-342-7903
> On Oct 7, 2020, at 12:14 PM,
You are not suppose to do that.
whit that in the AD source:
email_attribute=mail
usernameattribute=sAMAccountName
you should be ok.
Le 20-10-07 à 13 h 11, Louis Scaringella a écrit :
In the AD auth source, I added “email” as a search attribute for the username.
Maybe that is what you were e
In the AD auth source, I added “email” as a search attribute for the username.
Maybe that is what you were explaining and I wasn’t quite understanding
initially?
Louis Scaringella
Security Systems Engineer
Yellow Dog Networks, Inc
785-342-7903
> On Oct 7, 2020, at 12:04 PM, Fabrice Durand wrot
I am logging in as the sponsor using the AD sAMAAccount name in this case.
However, I think the problem is that when the guest has to put in a sponsor, it
must be an email address so I think there is discrepancy there with that. It is
expecting me to login with that email address I suspect.
Do
It does authenticate me when I log in as the sponsor user, it just doesn’t
recognize that the user is a sponsor. How would it know that the user exists
and is set as a sponsor in PacketFence without that user created? Without the
user manually created, it does use AD to authenticate the sponsor
Ok, I have found a level of success with this! Not perfect, but down the right
path at least.
So, using my AD source for guest registration email, it sends the email, I
click the link, and then login with a user I created manually in PacketFence.
I went into the actions and “marked as sponsor”
Le 20-10-07 à 12 h 56, Louis Scaringella a écrit :
I am logging in as the sponsor using the AD sAMAAccount name in this case.
However, I think the problem is that when the guest has to put in a sponsor, it
must be an email address so I think there is discrepancy there with that. It is
expecti
What i think it's probably because of the username attribute in the AD
authentication source.
When you set a sponsor in the portal then packetfence try to find the
email address in the AD and check if the user account is a sponsor.
When you click on the link then the portal ask you to authent
I tried the same thing, but using Active Directory source this time as a
sponsor. It’s the same error, when a guest is signing up, they can put the
sponsor from AD in and it does send the email to the sponsor. But when sponsor
clicks the link and signs in with AD credentials, it says that the us
Of course, thank you for your help!
Here is the logs from the entire process of the guest choosing sponsor email
and then the sponsor clicking the link and trying to authenticate.
I’m using a user in /usr/local/pf/conf/admin.conf that I created as a htpasswd
file instead of Active Directory. I’
Hello Louis,
you will need to check in the packetfence.log what authentication source
is used when you log on the portal (to validate the access).
Regards
Fabrice
Le 20-10-06 à 21 h 47, Louis Scaringella via PacketFence-users a écrit :
I made some progress with this. I can now progress pas
I made some progress with this. I can now progress past the sponsor email
section and it accepts it. The sponsor gets the email, clicks the link, I login
with the sponsor account, but then it says "does not have permission to sponsor
a user”.
Any ideas now?
Louis Scaringella
Security Systems E
Hello,
I’m having an issue with the captive portal with sponsored guest access.
Basically, when I go to test this and enter a sponsor email, it tells me that
email doesn’t have access to be a sponsor. Unfortunately, there isn’t great
documentation on this process and the other posts about this
The exact message is :
Email [myem...@mydomain.com] is not allowed to sponsor guest access.
When I run the following test, it matches my authentication source which has
this marked as a sponsor.
[root@localhost bin]# ./pftest authentication lscaringe...@ydn.co xx
Testing authenticatio
Hi Christopher
On 2013-06-11, at 6:44 AM, Christopher Parker
wrote:
> I work for a local government authority in the uk and we are trying to
> develop a simple BYOD solution for our schools. We have an almost complete
> prototype built using PacketFence 3.x but we were interested in some of t
Hi,
I work for a local government authority in the uk and we are trying to develop
a simple BYOD solution for our schools. We have an almost complete prototype
built using PacketFence 3.x but we were interested in some of the new features
in PF4 and so we developed a parallel system to test it
21 matches
Mail list logo