[prev in list] [next in list] [prev in thread] [next in thread]
List: packetfence-users
Subject: Re: [PacketFence-users] Authentication rules does not work
From: "Zammit, Ludovic via PacketFence-users" <packetfence-users () lists ! sourceforge ! net
Date: 2023-07-28 12:41:06
Message-ID: 658F4AB6-5843-43AF-A545-62B3588E49CF () akamai ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hello there,
If you want to do a match on specific OU, it better to change the BaseDN of the look \
up and create one source pet OU you want to match one.
Then you create a catch all rule with no conditions.
Thanks,
Ludovic Zammit
Product Support Engineer Principal Lead
Cell: +1.613.670.8432
Akamai Technologies - Inverse
145 Broadway
Cambridge, MA 02142
Connect with Us: <https://community.akamai.com/> <http://blogs.akamai.com/> \
<https://twitter.com/akamai> <http://www.facebook.com/AkamaiTechnologies> \
<http://www.linkedin.com/company/akamai-technologies> \
<http://www.youtube.com/user/akamaitechnologies?feature=results_main>
> On Jul 27, 2023, at 3:03 AM, Uğur Aygün via PacketFence-users \
> <packetfence-users@lists.sourceforge.net> wrote:
> Hello all i have a basic problem in packetfence and can not be able to solve it.
>
> I have an active directory connection and I also have an authentication source. \
> like dc=domain,dc=com
> I want to simply write a rule that if a person is in specific ou like \
> ou=users,dc=domain,dc=com And i want else to not be able to connect that specific \
> ssid.
> I write it in the condition like "distinguished name is ou=users,dc=domain,dc=com
> and assign a role and duration.
>
> In the end a user from another ou for example ou=users2 can also be able to login \
> my ssid with his/her credentials.
> How can i solve this problem? Also when is try to use a more specific rule like \
> sAMAaccount name is testuser i can not be able to connect that ssid. In audit tab \
> it says there is no role to attend.
> I think this is because of active directory implementation how can i solve this?
> _______________________________________________
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence \
> -users__;!!GjvTz_vk!QsMwOEo9A3o3KFif3jj9nLPdNvkFNWBfuj5TtgzAU9Je3yiAR28sJxoHlwsw0k3vSQ7y7aKYAAJkDd0QnoS3qzv8luMatcjwx_lTrQ$ \
>
[Attachment #5 (unknown)]
<html><head><meta http-equiv="content-type" content="text/html; \
charset=utf-8"></head><body style="overflow-wrap: break-word; -webkit-nbsp-mode: \
space; line-break: after-white-space;">Hello there,<div><br></div><div>If you want to \
do a match on specific OU, it better to change the BaseDN of the look up and create \
one source pet OU you want to match one.</div><div><br></div><div>Then you create a \
catch all rule with no conditions.</div><div><br></div><div>Thanks,<br><div><div>
<br>
<br>
<br>
<table cellspacing="0" cellpadding="0" width="360" border="0" align="">
<tbody><tr>
<td colspan="3" valign="bottom" height="10" style="color:#0099cc; \
padding-left:0px; padding-bottom:6px; font-family:Arial, Helvetica, \
sans-serif;font-size:14px;"><strong>Ludovic Zammit</strong><br> <span \
style="color:#666666; font-size:12px;"><strong>Product Support Engineer Principal \
Lead</strong></span></td> </tr>
<tr>
<td colspan="3" valign="bottom" style="padding-bottom:6px;"><img \
src="https://www.akamai.com/us/en/multimedia/images/custom/2019/logo-no-tag-93x45.png"></td>
</tr>
<tr>
<td style="line-height: 2px; border-bottom: 1px solid #8f9194;" colspan="2" \
valign="top"></td> </tr>
<tr>
<td height="5" valign="top" style="padding-top:6px;"><font \
face="verdana,arial,geneva,helvetica,sans-serif" color="#333333" \
size="1"><strong>Cell:</strong> +1.613.670.8432<br></font></td> <td height="5" \
style="padding-top:6px;"><font face="verdana,arial,geneva,helvetica,sans-serif" \
color="#333333" size="1">Akamai Technologies - Inverse<br>145 Broadway<br>Cambridge, \
MA 02142<br></font></td> </tr>
<tr>
<td height="7" bgcolor="#ffffff" colspan="2" valign="top"></td>
</tr>
<tr>
<td width="148" height="5" valign="middle" style="padding-left:0px; padding-top: \
10px;font-family:Arial, Helvetica, sans-serif;color:#666666;">Connect with Us:</td> \
<td style="padding-left:1px; padding-top: 10px;" width="222" height="5"> <a \
href="https://community.akamai.com" target="_blank"><img \
src="https://www.akamai.com/us/en/multimedia/images/custom/community.jpg" border="0" \
style="margin: 0 1px;"></a> <a href="http://blogs.akamai.com" target="_blank"><img \
src="https://www.akamai.com/us/en/multimedia/images/custom/rss.png" border="0" \
style="margin: 0 1px;"></a> <a href="https://twitter.com/akamai" \
target="_blank"><img \
src="https://www.akamai.com/us/en/multimedia/images/custom/twitter.png" border="0" \
style="margin: 0 1px;"></a> <a href="http://www.facebook.com/AkamaiTechnologies" \
target="_blank"><img \
src="https://www.akamai.com/us/en/multimedia/images/custom/fb.png" border="0" \
style="margin: 0 1px;"></a> <a \
href="http://www.linkedin.com/company/akamai-technologies" target="_blank"><img \
src="https://www.akamai.com/us/en/multimedia/images/custom/in.png" border="0" \
style="margin: 0 1px;"></a> <a \
href="http://www.youtube.com/user/akamaitechnologies?feature=results_main" \
target="_blank"><img \
src="https://www.akamai.com/us/en/multimedia/images/custom/youtube.png" border="0" \
style="margin: 0 1px;"></a>
</td>
</tr>
</tbody></table>
</div>
<div><br><blockquote type="cite"><div>On Jul 27, 2023, at 3:03 AM, Uğur Aygün via \
PacketFence-users <packetfence-users@lists.sourceforge.net> wrote:</div><br \
class="Apple-interchange-newline"><div><meta http-equiv="Content-Type" \
content="text/html; charset=utf-8"><div dir="ltr">Hello all i have a basic problem in \
packetfence and can not be able to solve it.<div><br></div><div>I have an active \
directory connection and I also have an authentication source. like \
dc=domain,dc=com</div><div><br></div><div>I want to simply write a rule that if a \
person is in specific ou like ou=users,dc=domain,dc=com</div><div>And i want \
else to not be able to connect that \
specific ssid. </div><div><br></div><div>I write it in the condition like \
"distinguished name is ou=users,dc=domain,dc=com
</div><div>and assign a role and duration.</div><div><br></div><div>In the end a user \
from another ou for example ou=users2 can also be able to login my ssid with his/her \
credentials.</div><div><br></div><div>How can i solve this problem? \
Also when is try to use a more specific rule like sAMAaccount name is \
testuser i can not be able to connect that ssid. In audit tab it says there is \
no role to attend.</div><div><br></div><div>I think this is because of active \
directory implementation how can i solve this?</div></div> \
_______________________________________________<br>PacketFence-users mailing \
list<br>PacketFence-users@lists.sourceforge.net<br>https://urldefense.com/v3/__https:/ \
/lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!QsMwOEo9A3o3KFif3 \
jj9nLPdNvkFNWBfuj5TtgzAU9Je3yiAR28sJxoHlwsw0k3vSQ7y7aKYAAJkDd0QnoS3qzv8luMatcjwx_lTrQ$ \
<br></div></blockquote></div><br></div></div></body></html>
["smime.p7s" (smime.p7s)]
0� *H
��� 0���1�0
� `H�e������0� *H
����� 0�f0�� ������>���
��hS�����
0
��*H=���0?1!0���U�
��Akamai Technologies Inc.1�0���U����AkamaiCorpRoot-G10��
150604144607Z�
250604145607Z0<1!0���U�
��Akamai Technologies \
Inc.1�0���U����AkamaiClientCA0Y0���*H=����*H=����B��4��5�Zapo� \
�qb�X�uwhW$%o�:OH��0�0�� +����7�������0���U������1fM���
,�0��U� �00��*��N� ���00X��+�������0L�J�A�k�a�m�a�i� \
�C�e�r�t�i�f�i�c�a�t�e� �P�r�a�c�t�i�c�e� \
�S�t�a�t�e�m�e�n�t06��+��������*http://akamaicrl.akamai.com/AkamaiCPS.pdf�0U��U�%�N0L��+���������+��������
+����7����
+����7
���
+����7
����+���������+������ 0�� +����7�����
�S�u�b�C�A0���U�������0���U������0���0���U�#��0���Y�9M�W \
${0��U���y0w0u s \
q1http://akamaicrl.akamai.com/AkamaiCorpRoot-G1.crl<http://akamaicrl.dfw01.corp.akam \
ai.com/AkamaiCorpRoot-G1.crl0��+��������00-��+�����0�!http://akamaiocsp.akamai. \
com/ocsp0=��+�����0�1http://akamaicrl.akamai.com/AkamaiCorpRoot-G1.crt0H��+�����0�<http://akamaicrl.dfw01.corp.akamai.com/AkamaiCorpRoot-G1.crt0
��*H=����I�0F�!�Ž�B9i�GBKJi��d����!�\K0w�{|�}�6(|�g�*=B+0��0� \
����������N?k*#�����N0 ��*H=���0<1!0���U�
��Akamai Technologies Inc.1�0���U����AkamaiClientCA0��
220323020445Z�
240322020445Z0P1�0���U����MacBook Pro-MD6P1�0���U����luzammi1!0�� *H
� ���luzammi@akamai.com0�"0
� *H
���������0�
����$ORPvmQ��}'2'AX{H4CX��d4M��;Mb8n�Vc�Z#AO� \
p�z `��so7vU^?mKv4yZթ�8�Ue=�umV��jz]~Zf]C9;I3 �'/P[
�-!B<u(`G��ag*e@
�Z0+���U���-}?�b> \
%[�X&M7�~�XI�8�������0�0���U�������0)��U�%�"0 ��+���������+�������� \
+����7 ��0���U������墂5H23R\|�0F��U���?0= '�
+����7��� ���luzammi@corp.akamai.com�luzammi@akamai.com0���U�#��0��1fM���
,�0z��U���s0q0o m k.http://akamaicrl.akamai.com/AkamaiClientCA.crl9http://akamaicrl.dfw01.corp.akamai.com/AkamaiClientCA.crl0 \
��+��������00:��+�����0�.http://akamaicrl.akamai.com/AkamaiClientCA.crt0E��+����� \
0�9http://akamaicrl.dfw01.corp.akamai.com/AkamaiClientCA.crt0-��+�����0�!http://akam \
aiocsp.akamai.com/ocsp0;� +����7���.0,�$+����7��:-�!�I���d��S05� +����7�
�(0&0
��+�������0
��+�������0��
+����7
��0D� *H
� ��7050���*H
�����0���*H
�����0���+����0
��*H
��0
��*H=����G�0D� _zDo ��k6�KS�j^L'� \
%(ϧ(ZP�y*d�ڹc�1�0����0S0<1!0���U� ��Akamai Technologies \
Inc.1�0���U����AkamaiClientCA������N?k*#�����N0 � `H�e������ i0�� *H
� �1�� *H
���0�� *H
� �1��
230728124055Z0/� *H
� �1"� V !S5RP�%dY.DR�kx0
� *H
��������NK�ߌN�f(飳�r4�ځZ���;=:_��i \
y�Ps�EcN5"T)ٕI}C�`� \
:��$-�Ϩ9Ė[�R$@&_?fG�.pf,v���%�Mr*SAv>blFrw�Cmm.�
�;ӏ�'�㳼�(/6 ߮ \
�tIr�!k:NO5g^9/RnF<]��������
[Attachment #7 (--===============7165613140088350875==)]
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic