[prev in list] [next in list] [prev in thread] [next in thread]
List: packetfence-users
Subject: Re: [PacketFence-users] custom realm is not in use
From: Jitendra Gondaliya via PacketFence-users <packetfence-users () lists ! sourceforge ! ne
Date: 2020-09-30 12:53:34
Message-ID: d3b1e7bfb3fa4268bb05392edb694c07 () WINHEXBEEU113 ! win ! mail
[Download RAW message or body]
[Attachment #2 (text/plain)]
I can share output from "raddebug -t 300 -f /usr/local/pf/var/run/radiusd.sock" \
tomorrow morning, this will have more details.
Regards,
Jitendra Gondaliya
Information Technology Security Co LLC
Mob : +968 94583036
From: Ludovic Zammit <lzammit@inverse.ca>
Sent: Wednesday, September 30, 2020 4:43 PM
To: Jitendra Gondaliya <jitendra@itscoman.com>
Cc: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] custom realm is not in use
Sorry, it was:
zcat packetfence.log-20200929.gz | grep autz
Thanks,
Ludovic Zammit
lzammit@inverse.ca<mailto:lzammit@inverse.ca> :: +1.514.447.4918 (x145) :: \
www.inverse.ca<http://www.inverse.ca>
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence \
(http://packetfence.org)
On Sep 30, 2020, at 8:17 AM, Jitendra Gondaliya \
<jitendra@itscoman.com<mailto:jitendra@itscoman.com>> wrote:
Hi,
[root@tccpf1 logs]# zcat packetfence.log-20200929.gz | grep auth
Sep 28 16:07:32 tccpf1 packetfence: pfperl-api(26145) INFO: Found a realm source \
local for user admin in realm null. \
(pf::authentication::adminAuthentication)
Sep 28 16:07:32 tccpf1 packetfence: pfperl-api(26145) INFO: Authentication successful \
for admin in source local (SQL) (pf::authentication::authenticate)
Sep 28 16:07:32 tccpf1 packetfence: pfperl-api(26145) INFO: Using sources local for \
matching (pf::authentication::match2)
Sep 28 16:15:01 tccpf1 packetfence: pfperl-api(19958) INFO: Daemon radiusd-auth took \
10.412 seconds to start. (pf::services::manager::restartService)
Sep 28 16:24:13 tccpf1 packetfence: pfperl-api(22254) INFO: Daemon radiusd-auth took \
5.742 seconds to start. (pf::services::manager::restartService)
Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: httpd.webservices(13552) INFO: \
[mac:unknown] Expiring child resource resource::authentication_config_hash. Master \
resource is config::Authentication() (pfconfig::manager::expire)
Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: httpd.webservices(13552) INFO: \
[mac:unknown] Hard expiring resource : resource::authentication_config_hash() \
(pfconfig::manager::expire)
Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: httpd.webservices(13552) INFO: \
[mac:unknown] Expiring child resource resource::authentication_lookup. Master \
resource is config::Authentication() (pfconfig::manager::expire)
Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: httpd.webservices(13552) INFO: \
[mac:unknown] Hard expiring resource : resource::authentication_lookup() \
(pfconfig::manager::expire)
Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: httpd.webservices(13552) INFO: \
[mac:unknown] Expiring child resource resource::authentication_sources. Master \
resource is config::Authentication() (pfconfig::manager::expire)
Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: httpd.webservices(13552) INFO: \
[mac:unknown] Hard expiring resource : resource::authentication_sources() \
(pfconfig::manager::expire)
Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: httpd.webservices(13552) INFO: \
[mac:unknown] Expiring child resource resource::passthroughs. Master resource is \
resource::authentication_sources() (pfconfig::manager::expire)
Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: httpd.webservices(13552) INFO: \
[mac:unknown] Expiring child resource resource::authentication_sources_monitored. \
Master resource is config::Authentication() \
(pfconfig::manager::expire)
Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: httpd.webservices(13552) INFO: \
[mac:unknown] Hard expiring resource : resource::authentication_sources_monitored() \
(pfconfig::manager::expire)
Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: httpd.webservices(13552) INFO: \
[mac:unknown] Expiring child resource resource::authentication_sources_ldap. Master \
resource is config::Authentication() (pfconfig::manager::expire)
Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: httpd.webservices(13552) INFO: \
[mac:unknown] Hard expiring resource : resource::authentication_sources_ldap() \
(pfconfig::manager::expire)
Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: httpd.webservices(13552) INFO: \
[mac:unknown] Expiring child resource resource::passthroughs. Master resource is \
resource::authentication_sources_ldap() (pfconfig::manager::expire)
Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: httpd.webservices(13552) INFO: \
[mac:unknown] Expiring child resource resource::authentication_sources_radius. Master \
resource is config::Authentication() (pfconfig::manager::expire)
Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: httpd.webservices(13552) INFO: \
[mac:unknown] Hard expiring resource : resource::authentication_sources_radius() \
(pfconfig::manager::expire)
Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: httpd.webservices(13552) INFO: \
[mac:unknown] Expiring child resource resource::passthroughs. Master resource is \
resource::authentication_sources_radius() (pfconfig::manager::expire)
Sep 28 16:27:51 tccpf1 packetfence: pfperl-api(30115) INFO: Daemon radiusd-auth took \
5.032 seconds to start. (pf::services::manager::restartService)
Sep 28 16:28:07 tccpf1 packetfence_httpd.webservices: httpd.webservices(13090) INFO: \
[mac:unknown] Processing rule 'pf_deauth_from_wireless_secure' \
(pf::config::builder::filter_engine::buildEntry)
Sep 28 16:29:01 tccpf1 packetfence: pfperl-api(22254) INFO: Daemon radiusd-auth took \
5.684 seconds to start. (pf::services::manager::restartService)
Sep 28 16:35:35 tccpf1 packetfence: pfperl-api(7077) INFO: Daemon radiusd-auth took \
5.778 seconds to start. (pf::services::manager::restartService)
Sep 28 16:38:12 tccpf1 packetfence: pfperl-api(14390) INFO: Daemon radiusd-auth took \
10.806 seconds to start. (pf::services::manager::restartService)
Sep 28 16:40:14 tccpf1 packetfence: pfperl-api(22254) INFO: Daemon radiusd-auth took \
6.227 seconds to start. (pf::services::manager::restartService)
Sep 28 16:44:03 tccpf1 packetfence: pfperl-api(30115) INFO: Daemon radiusd-auth took \
5.572 seconds to start. (pf::services::manager::restartService)
Sep 28 16:45:05 tccpf1 packetfence: pfperl-api(7077) INFO: Daemon radiusd-auth took \
5.387 seconds to start. (pf::services::manager::restartService)
Sep 28 16:49:53 tccpf1 packetfence: pfperl-api(19958) INFO: Daemon radiusd-auth took \
5.657 seconds to start. (pf::services::manager::restartService)
Sep 28 16:51:07 tccpf1 packetfence: pfperl-api(30115) INFO: Daemon radiusd-auth took \
5.423 seconds to start. (pf::services::manager::restartService)
Sep 28 16:54:20 tccpf1 packetfence: pfperl-api(14390) INFO: Daemon radiusd-auth took \
10.584 seconds to start. (pf::services::manager::restartService)
Sep 28 16:55:32 tccpf1 packetfence: pfperl-api(22254) INFO: Daemon radiusd-auth took \
5.292 seconds to start. (pf::services::manager::restartService) [root@tccpf1 logs]#
Regards,
Jitendra Gondaliya
Information Technology Security Co LLC
Mob : +968 94583036
From: Ludovic Zammit <lzammit@inverse.ca<mailto:lzammit@inverse.ca>>
Sent: Wednesday, September 30, 2020 4:12 PM
To: Jitendra Gondaliya <jitendra@itscoman.com<mailto:jitendra@itscoman.com>>
Cc: packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>
Subject: Re: [PacketFence-users] custom realm is not in use
ok, try that:
grep auth /usr/local/pf/logs/packetfence.log
Give me the output, remove personal infos. (except the realm ;-) )
Thanks,
Ludovic Zammit
lzammit@inverse.ca<mailto:lzammit@inverse.ca> :: +1.514.447.4918 (x145) :: \
www.inverse.ca<http://www.inverse.ca/>
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu<http://www.sogo.nu/>) and \
PacketFence (http://packetfence.org<http://packetfence.org/>)
On Sep 30, 2020, at 8:10 AM, Jitendra Gondaliya \
<jitendra@itscoman.com<mailto:jitendra@itscoman.com>> wrote:
Hi,
Realm "DEFAULT" is in use for every authentication, we can see this in audit logs. We \
are restarting radiusd from the realm page every time we make changes or add new \
realm.
Regards,
Jitendra Gondaliya
Information Technology Security Co LLC
Mob : +968 94583036
From: Ludovic Zammit <lzammit@inverse.ca<mailto:lzammit@inverse.ca>>
Sent: Wednesday, September 30, 2020 4:08 PM
To: packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>
Cc: Jitendra Gondaliya <jitendra@itscoman.com<mailto:jitendra@itscoman.com>>
Subject: Re: [PacketFence-users] custom realm is not in use
Hello,
The realm case is very important, check in your packetfence.log or the auditing which \
REALM is used and adjust accordingly.
Make sure to restart radiusd, it's required when you add or remove a new realm.
Thanks,
Ludovic Zammit
lzammit@inverse.ca<mailto:lzammit@inverse.ca> :: +1.514.447.4918 (x145) :: \
www.inverse.ca<http://www.inverse.ca/>
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu<http://www.sogo.nu/>) and \
PacketFence (http://packetfence.org<http://packetfence.org/>)
On Sep 29, 2020, at 1:31 AM, Jitendra Gondaliya via PacketFence-users \
<packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>> \
wrote:
Hi Team,
In our setup we have added Active Directory and created realm with name of Active \
Directory as can be seen in the snapshot below.
<image003.png>
We have cisco 2950 switch configured for 802.1x authentication, issue is \
authentication works fine only when we add doman in DEFAULT realm also and \
authentication is against DEFAULT realm only. Authentiation failes on removing domain \
from DEFAULT realm and it does not go to realm OMANMOBILE.CO.OM even though correct \
domain is defined in there.
Request you correct us, where are we making mistake ?
Regards,
Jitendra Gondaliya
Information Technology Security Co LLC
Mob : +968 94583036
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
[Attachment #3 (text/html)]
<html xmlns:v="urn:schemas-microsoft-com:vml" \
xmlns:o="urn:schemas-microsoft-com:office:office" \
xmlns:w="urn:schemas-microsoft-com:office:word" \
xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" \
xmlns="http://www.w3.org/TR/REC-html40"> <head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Helvetica;
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;}
span.apple-converted-space
{mso-style-name:apple-converted-space;}
span.EmailStyle21
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal">I can share output from "raddebug -t 300 -f \
/usr/local/pf/var/run/radiusd.sock" tomorrow morning, this will have more details. \
<o:p></o:p></p> <p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal"><span style="color:#0D0D0D">Regards,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#0D0D0D">Jitendra \
Gondaliya<o:p></o:p></span></p> <p class="MsoNormal" \
style="margin-bottom:3.0pt"><span style="font-size:9.0pt;color:gray">Information \
Technology Security Co LLC</span><span \
style="font-size:9.0pt;color:#1F4E79"><o:p></o:p></span></p> <p \
class="MsoNormal"><span style="font-size:9.0pt;color:gray">Mob : +968 \
94583036</span><span style="font-size:9.0pt;color:#1F4E79"><o:p></o:p></span></p> \
</div> <p class="MsoNormal"><o:p> </o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> Ludovic Zammit <lzammit@inverse.ca> <br>
<b>Sent:</b> Wednesday, September 30, 2020 4:43 PM<br>
<b>To:</b> Jitendra Gondaliya <jitendra@itscoman.com><br>
<b>Cc:</b> packetfence-users@lists.sourceforge.net<br>
<b>Subject:</b> Re: [PacketFence-users] custom realm is not in use<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Sorry, it was:<o:p></o:p></p>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">zcat packetfence.log-20200929.gz | grep autz<o:p></o:p></p>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Thanks,<o:p></o:p></p>
</div>
<div>
<div>
<pre><span style="color:black"><br>Ludovic Zammit<o:p></o:p></span></pre>
<pre><span style="color:black"><a \
href="mailto:lzammit@inverse.ca">lzammit@inverse.ca</a> :: +1.514.447.4918 \
(x145) :: <a href="http://www.inverse.ca">www.inverse.ca</a><o:p></o:p></span></pre>
<pre><span style="color:black">Inverse inc. :: Leaders behind SOGo (<a \
href="http://www.sogo.nu">http://www.sogo.nu</a>) and PacketFence (<a \
href="http://packetfence.org">http://packetfence.org</a>) <o:p></o:p></span></pre> \
<div> <p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica",sans-serif;color:black"><o:p> </o:p></span></p>
</div>
</div>
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica",sans-serif;color:black"><br \
style="font-variant-caps: normal;orphans: auto;text-align:start;widows: \
auto;-webkit-text-size-adjust: auto;-webkit-text-stroke-width: 0px;word-spacing:0px"> \
<br> </span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><br>
<br>
<o:p></o:p></p>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<p class="MsoNormal">On Sep 30, 2020, at 8:17 AM, Jitendra Gondaliya <<a \
href="mailto:jitendra@itscoman.com">jitendra@itscoman.com</a>> \
wrote:<o:p></o:p></p> </div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<p class="MsoNormal">Hi,<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">[root@tccpf1 logs]# zcat packetfence.log-20200929.gz | grep \
auth<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:07:32 tccpf1 packetfence: pfperl-api(26145) INFO: \
Found a realm source local for user admin in realm null. \
(pf::authentication::adminAuthentication)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:07:32 tccpf1 packetfence: pfperl-api(26145) INFO: \
Authentication successful for admin in source local (SQL) \
(pf::authentication::authenticate)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:07:32 tccpf1 packetfence: pfperl-api(26145) INFO: \
Using sources local for matching (pf::authentication::match2)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:15:01 tccpf1 packetfence: pfperl-api(19958) INFO: \
Daemon radiusd-auth took 10.412 seconds to start. \
(pf::services::manager::restartService)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:24:13 tccpf1 packetfence: pfperl-api(22254) INFO: \
Daemon radiusd-auth took 5.742 seconds to start. \
(pf::services::manager::restartService)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: \
httpd.webservices(13552) INFO: [mac:unknown] Expiring child resource \
resource::authentication_config_hash. Master resource is config::Authentication() \
(pfconfig::manager::expire)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: \
httpd.webservices(13552) INFO: [mac:unknown] Hard expiring resource : \
resource::authentication_config_hash() (pfconfig::manager::expire)<o:p></o:p></p> \
</div> <div>
<p class="MsoNormal">Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: \
httpd.webservices(13552) INFO: [mac:unknown] Expiring child resource \
resource::authentication_lookup. Master resource is config::Authentication() \
(pfconfig::manager::expire)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: \
httpd.webservices(13552) INFO: [mac:unknown] Hard expiring resource : \
resource::authentication_lookup() (pfconfig::manager::expire)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: \
httpd.webservices(13552) INFO: [mac:unknown] Expiring child resource \
resource::authentication_sources. Master resource is config::Authentication() \
(pfconfig::manager::expire)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: \
httpd.webservices(13552) INFO: [mac:unknown] Hard expiring resource : \
resource::authentication_sources() (pfconfig::manager::expire)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: \
httpd.webservices(13552) INFO: [mac:unknown] Expiring child resource \
resource::passthroughs. Master resource is resource::authentication_sources() \
(pfconfig::manager::expire)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: \
httpd.webservices(13552) INFO: [mac:unknown] Expiring child resource \
resource::authentication_sources_monitored. Master resource is \
config::Authentication() (pfconfig::manager::expire)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: \
httpd.webservices(13552) INFO: [mac:unknown] Hard expiring resource : \
resource::authentication_sources_monitored() \
(pfconfig::manager::expire)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: \
httpd.webservices(13552) INFO: [mac:unknown] Expiring child resource \
resource::authentication_sources_ldap. Master resource is config::Authentication() \
(pfconfig::manager::expire)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: \
httpd.webservices(13552) INFO: [mac:unknown] Hard expiring resource : \
resource::authentication_sources_ldap() (pfconfig::manager::expire)<o:p></o:p></p> \
</div> <div>
<p class="MsoNormal">Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: \
httpd.webservices(13552) INFO: [mac:unknown] Expiring child resource \
resource::passthroughs. Master resource is resource::authentication_sources_ldap() \
(pfconfig::manager::expire)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: \
httpd.webservices(13552) INFO: [mac:unknown] Expiring child resource \
resource::authentication_sources_radius. Master resource is config::Authentication() \
(pfconfig::manager::expire)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: \
httpd.webservices(13552) INFO: [mac:unknown] Hard expiring resource : \
resource::authentication_sources_radius() (pfconfig::manager::expire)<o:p></o:p></p> \
</div> <div>
<p class="MsoNormal">Sep 28 16:27:47 tccpf1 packetfence_httpd.webservices: \
httpd.webservices(13552) INFO: [mac:unknown] Expiring child resource \
resource::passthroughs. Master resource is resource::authentication_sources_radius() \
(pfconfig::manager::expire)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:27:51 tccpf1 packetfence: pfperl-api(30115) INFO: \
Daemon radiusd-auth took 5.032 seconds to start. \
(pf::services::manager::restartService)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:28:07 tccpf1 packetfence_httpd.webservices: \
httpd.webservices(13090) INFO: [mac:unknown] Processing rule \
'pf_deauth_from_wireless_secure' \
(pf::config::builder::filter_engine::buildEntry)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:29:01 tccpf1 packetfence: pfperl-api(22254) INFO: \
Daemon radiusd-auth took 5.684 seconds to start. \
(pf::services::manager::restartService)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:35:35 tccpf1 packetfence: pfperl-api(7077) INFO: \
Daemon radiusd-auth took 5.778 seconds to start. \
(pf::services::manager::restartService)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:38:12 tccpf1 packetfence: pfperl-api(14390) INFO: \
Daemon radiusd-auth took 10.806 seconds to start. \
(pf::services::manager::restartService)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:40:14 tccpf1 packetfence: pfperl-api(22254) INFO: \
Daemon radiusd-auth took 6.227 seconds to start. \
(pf::services::manager::restartService)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:44:03 tccpf1 packetfence: pfperl-api(30115) INFO: \
Daemon radiusd-auth took 5.572 seconds to start. \
(pf::services::manager::restartService)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:45:05 tccpf1 packetfence: pfperl-api(7077) INFO: \
Daemon radiusd-auth took 5.387 seconds to start. \
(pf::services::manager::restartService)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:49:53 tccpf1 packetfence: pfperl-api(19958) INFO: \
Daemon radiusd-auth took 5.657 seconds to start. \
(pf::services::manager::restartService)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:51:07 tccpf1 packetfence: pfperl-api(30115) INFO: \
Daemon radiusd-auth took 5.423 seconds to start. \
(pf::services::manager::restartService)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:54:20 tccpf1 packetfence: pfperl-api(14390) INFO: \
Daemon radiusd-auth took 10.584 seconds to start. \
(pf::services::manager::restartService)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Sep 28 16:55:32 tccpf1 packetfence: pfperl-api(22254) INFO: \
Daemon radiusd-auth took 5.292 seconds to start. \
(pf::services::manager::restartService)<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">[root@tccpf1 logs]#<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<div>
<p class="MsoNormal"><span style="color:#0D0D0D">Regards,</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="color:#0D0D0D">Jitendra \
Gondaliya</span><o:p></o:p></p> </div>
<p class="MsoNormal" style="margin-bottom:3.0pt"><span \
style="font-size:9.0pt;color:gray">Information Technology Security Co \
LLC</span><o:p></o:p></p> <div>
<p class="MsoNormal"><span style="font-size:9.0pt;color:gray">Mob : +968 \
94583036</span><o:p></o:p></p> </div>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<div>
<p class="MsoNormal"><b>From:</b><span \
class="apple-converted-space"> </span>Ludovic Zammit <<a \
href="mailto:lzammit@inverse.ca">lzammit@inverse.ca</a>><span \
class="apple-converted-space"> </span><br> <b>Sent:</b><span \
class="apple-converted-space"> </span>Wednesday, September 30, 2020 4:12 PM<br> \
<b>To:</b><span class="apple-converted-space"> </span>Jitendra Gondaliya <<a \
href="mailto:jitendra@itscoman.com">jitendra@itscoman.com</a>><br> <b>Cc:</b><span \
class="apple-converted-space"> </span><a \
href="mailto:packetfence-users@lists.sourceforge.net">packetfence-users@lists.sourceforge.net</a><br>
<b>Subject:</b><span class="apple-converted-space"> </span>Re: \
[PacketFence-users] custom realm is not in use<o:p></o:p></p> </div>
</div>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">ok, try that:<o:p></o:p></p>
</div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal">grep auth /usr/local/pf/logs/packetfence.log<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal">Give me the output, remove personal infos. (except the realm ;-) \
)<o:p></o:p></p> </div>
</div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal">Thanks,<o:p></o:p></p>
</div>
<div>
<div>
<pre><br>Ludovic Zammit<o:p></o:p></pre>
<pre><a href="mailto:lzammit@inverse.ca">lzammit@inverse.ca</a> :: \
+1.514.447.4918 (x145) :: <a \
href="http://www.inverse.ca/">www.inverse.ca</a><o:p></o:p></pre> <pre>Inverse inc. \
:: Leaders behind SOGo (<a href="http://www.sogo.nu/">http://www.sogo.nu</a>) and \
PacketFence (<a href="http://packetfence.org/">http://packetfence.org</a>) \
<o:p></o:p></pre> <div>
<div>
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica",sans-serif"> </span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica",sans-serif"><br> <br>
<br>
</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal"><br>
<br>
<br>
<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<div>
<p class="MsoNormal">On Sep 30, 2020, at 8:10 AM, Jitendra Gondaliya <<a \
href="mailto:jitendra@itscoman.com">jitendra@itscoman.com</a>> \
wrote:<o:p></o:p></p> </div>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<div>
<div>
<p class="MsoNormal">Hi,<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal">Realm "DEFAULT" is in use for every authentication, we can see \
this in audit logs. We are restarting radiusd from the realm page every time we make \
changes or add new realm.<o:p></o:p></p> </div>
</div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<div>
<p class="MsoNormal"><span style="color:#0D0D0D">Regards,</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal"><span style="color:#0D0D0D">Jitendra \
Gondaliya</span><o:p></o:p></p> </div>
</div>
<p class="MsoNormal" style="margin-bottom:3.0pt"><span \
style="font-size:9.0pt;color:gray">Information Technology Security Co \
LLC</span><o:p></o:p></p> <div>
<div>
<p class="MsoNormal"><span style="font-size:9.0pt;color:gray">Mob : +968 \
94583036</span><o:p></o:p></p> </div>
</div>
</div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<div>
<div>
<p class="MsoNormal"><b>From:</b><span \
class="apple-converted-space"> </span>Ludovic Zammit <<a \
href="mailto:lzammit@inverse.ca">lzammit@inverse.ca</a>><span \
class="apple-converted-space"> </span><br> <b>Sent:</b><span \
class="apple-converted-space"> </span>Wednesday, September 30, 2020 4:08 PM<br> \
<b>To:</b><span class="apple-converted-space"> </span><a \
href="mailto:packetfence-users@lists.sourceforge.net">packetfence-users@lists.sourceforge.net</a><br>
<b>Cc:</b><span class="apple-converted-space"> </span>Jitendra Gondaliya <<a \
href="mailto:jitendra@itscoman.com">jitendra@itscoman.com</a>><br> \
<b>Subject:</b><span class="apple-converted-space"> </span>Re: \
[PacketFence-users] custom realm is not in use<o:p></o:p></p> </div>
</div>
</div>
</div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal">Hello,<o:p></o:p></p>
</div>
</div>
<div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class="MsoNormal">The realm case is very important, check in your packetfence.log \
or the auditing which REALM is used and adjust accordingly.<o:p></o:p></p> </div>
</div>
</div>
<div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class="MsoNormal">Make sure to restart radiusd, it's required when you add or \
remove a new realm.<o:p></o:p></p> </div>
</div>
</div>
<div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class="MsoNormal">Thanks,<o:p></o:p></p>
</div>
</div>
<div>
<div>
<pre><br>Ludovic Zammit<o:p></o:p></pre>
<pre><a href="mailto:lzammit@inverse.ca">lzammit@inverse.ca</a> :: \
+1.514.447.4918 (x145) :: <a \
href="http://www.inverse.ca/">www.inverse.ca</a><o:p></o:p></pre> <pre>Inverse inc. \
:: Leaders behind SOGo (<a href="http://www.sogo.nu/">http://www.sogo.nu</a>) and \
PacketFence (<a href="http://packetfence.org/">http://packetfence.org</a>) \
<o:p></o:p></pre> <div>
<div>
<div>
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica",sans-serif"> </span><o:p></o:p></p>
</div>
</div>
</div>
</div>
<div>
<div>
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica",sans-serif"><br> <br>
<br>
<br>
</span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class="MsoNormal"><br>
<br>
<br>
<br>
<o:p></o:p></p>
</div>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<div>
<div>
<p class="MsoNormal">On Sep 29, 2020, at 1:31 AM, Jitendra Gondaliya via \
PacketFence-users <<a \
href="mailto:packetfence-users@lists.sourceforge.net">packetfence-users@lists.sourceforge.net</a>> \
wrote:<o:p></o:p></p> </div>
</div>
</div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<div>
<div>
<p class="MsoNormal">Hi Team,<o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class="MsoNormal">In our setup we have added Active Directory and created realm \
with name of Active Directory as can be seen in the snapshot below.<o:p></o:p></p> \
</div> </div>
</div>
<div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class="MsoNormal"><image003.png><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class="MsoNormal"><span style="color:#0D0D0D"> </span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class="MsoNormal"><span style="color:#0D0D0D">We have cisco 2950 switch configured \
for 802.1x authentication, issue is authentication works fine only when we add doman \
in DEFAULT realm also and authentication is against DEFAULT realm only. Authentiation \
failes on removing domain from DEFAULT realm and it does not go to realm \
OMANMOBILE.CO.OM even though correct domain is defined in \
there.</span><o:p></o:p></p> </div>
</div>
</div>
<div>
<div>
<div>
<p class="MsoNormal"><span style="color:#0D0D0D"> </span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class="MsoNormal"><span style="color:#0D0D0D">Request you correct us, where are we \
making mistake ? </span><o:p></o:p></p> </div>
</div>
</div>
<div>
<div>
<div>
<p class="MsoNormal"><span style="color:#0D0D0D"> </span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class="MsoNormal"><span style="color:#0D0D0D">Regards,</span><o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class="MsoNormal"><span style="color:#0D0D0D">Jitendra \
Gondaliya</span><o:p></o:p></p> </div>
</div>
</div>
<p class="MsoNormal" style="margin-bottom:3.0pt"><span \
style="font-size:9.0pt;color:gray">Information Technology Security Co \
LLC</span><o:p></o:p></p> <div>
<div>
<div>
<p class="MsoNormal"><span style="font-size:9.0pt;color:gray">Mob : +968 \
94583036</span><o:p></o:p></p> </div>
</div>
</div>
<div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Helvetica",sans-serif">_______________________________________________<br>
PacketFence-users mailing list<br>
</span><a href="mailto:PacketFence-users@lists.sourceforge.net"><span \
style="font-size:9.0pt;font-family:"Helvetica",sans-serif">PacketFence-users@lists.sourceforge.net</span></a><span \
style="font-size:9.0pt;font-family:"Helvetica",sans-serif"><br> </span><a \
href="https://lists.sourceforge.net/lists/listinfo/packetfence-users"><span \
style="font-size:9.0pt;font-family:"Helvetica",sans-serif">https://lists.sourceforge.net/lists/listinfo/packetfence-users</span></a><o:p></o:p></p>
</div>
</div>
</div>
</blockquote>
</div>
</div>
</div>
</blockquote>
</div>
</div>
</div>
</blockquote>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
</body>
</html>
[Attachment #4 (--===============0693628805702836338==)]
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic