[prev in list] [next in list] [prev in thread] [next in thread] List: packetfence-users Subject: Re: [PacketFence-users] Authentication rules does not work From: "Zammit, Ludovic via PacketFence-users" <packetfence-users () lists ! sourceforge ! net Date: 2023-07-28 12:41:06 Message-ID: 658F4AB6-5843-43AF-A545-62B3588E49CF () akamai ! com [Download RAW message or body] [Attachment #2 (multipart/alternative)] Hello there, If you want to do a match on specific OU, it better to change the BaseDN of the look \ up and create one source pet OU you want to match one. Then you create a catch all rule with no conditions. Thanks, Ludovic Zammit Product Support Engineer Principal Lead Cell: +1.613.670.8432 Akamai Technologies - Inverse 145 Broadway Cambridge, MA 02142 Connect with Us: <https://community.akamai.com/> <http://blogs.akamai.com/> \ <https://twitter.com/akamai> <http://www.facebook.com/AkamaiTechnologies> \ <http://www.linkedin.com/company/akamai-technologies> \ <http://www.youtube.com/user/akamaitechnologies?feature=results_main> > On Jul 27, 2023, at 3:03 AM, Uğur Aygün via PacketFence-users \ > <packetfence-users@lists.sourceforge.net> wrote: > Hello all i have a basic problem in packetfence and can not be able to solve it. > > I have an active directory connection and I also have an authentication source. \ > like dc=domain,dc=com > I want to simply write a rule that if a person is in specific ou like \ > ou=users,dc=domain,dc=com And i want else to not be able to connect that specific \ > ssid. > I write it in the condition like "distinguished name is ou=users,dc=domain,dc=com > and assign a role and duration. > > In the end a user from another ou for example ou=users2 can also be able to login \ > my ssid with his/her credentials. > How can i solve this problem? Also when is try to use a more specific rule like \ > sAMAaccount name is testuser i can not be able to connect that ssid. In audit tab \ > it says there is no role to attend. > I think this is because of active directory implementation how can i solve this? > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence \ > -users__;!!GjvTz_vk!QsMwOEo9A3o3KFif3jj9nLPdNvkFNWBfuj5TtgzAU9Je3yiAR28sJxoHlwsw0k3vSQ7y7aKYAAJkDd0QnoS3qzv8luMatcjwx_lTrQ$ \ > [Attachment #5 (unknown)] <html><head><meta http-equiv="content-type" content="text/html; \ charset=utf-8"></head><body style="overflow-wrap: break-word; -webkit-nbsp-mode: \ space; line-break: after-white-space;">Hello there,<div><br></div><div>If you want to \ do a match on specific OU, it better to change the BaseDN of the look up and create \ one source pet OU you want to match one.</div><div><br></div><div>Then you create a \ catch all rule with no conditions.</div><div><br></div><div>Thanks,<br><div><div> <br> <br> <br> <table cellspacing="0" cellpadding="0" width="360" border="0" align=""> <tbody><tr> <td colspan="3" valign="bottom" height="10" style="color:#0099cc; \ padding-left:0px; padding-bottom:6px; font-family:Arial, Helvetica, \ sans-serif;font-size:14px;"><strong>Ludovic Zammit</strong><br> <span \ style="color:#666666; font-size:12px;"><strong>Product Support Engineer Principal \ Lead</strong></span></td> </tr> <tr> <td colspan="3" valign="bottom" style="padding-bottom:6px;"><img \ src="https://www.akamai.com/us/en/multimedia/images/custom/2019/logo-no-tag-93x45.png"></td> </tr> <tr> <td style="line-height: 2px; border-bottom: 1px solid #8f9194;" colspan="2" \ valign="top"></td> </tr> <tr> <td height="5" valign="top" style="padding-top:6px;"><font \ face="verdana,arial,geneva,helvetica,sans-serif" color="#333333" \ size="1"><strong>Cell:</strong> +1.613.670.8432<br></font></td> <td height="5" \ style="padding-top:6px;"><font face="verdana,arial,geneva,helvetica,sans-serif" \ color="#333333" size="1">Akamai Technologies - Inverse<br>145 Broadway<br>Cambridge, \ MA 02142<br></font></td> </tr> <tr> <td height="7" bgcolor="#ffffff" colspan="2" valign="top"></td> </tr> <tr> <td width="148" height="5" valign="middle" style="padding-left:0px; padding-top: \ 10px;font-family:Arial, Helvetica, sans-serif;color:#666666;">Connect with Us:</td> \ <td style="padding-left:1px; padding-top: 10px;" width="222" height="5"> <a \ href="https://community.akamai.com" target="_blank"><img \ src="https://www.akamai.com/us/en/multimedia/images/custom/community.jpg" border="0" \ style="margin: 0 1px;"></a> <a href="http://blogs.akamai.com" target="_blank"><img \ src="https://www.akamai.com/us/en/multimedia/images/custom/rss.png" border="0" \ style="margin: 0 1px;"></a> <a href="https://twitter.com/akamai" \ target="_blank"><img \ src="https://www.akamai.com/us/en/multimedia/images/custom/twitter.png" border="0" \ style="margin: 0 1px;"></a> <a href="http://www.facebook.com/AkamaiTechnologies" \ target="_blank"><img \ src="https://www.akamai.com/us/en/multimedia/images/custom/fb.png" border="0" \ style="margin: 0 1px;"></a> <a \ href="http://www.linkedin.com/company/akamai-technologies" target="_blank"><img \ src="https://www.akamai.com/us/en/multimedia/images/custom/in.png" border="0" \ style="margin: 0 1px;"></a> <a \ href="http://www.youtube.com/user/akamaitechnologies?feature=results_main" \ target="_blank"><img \ src="https://www.akamai.com/us/en/multimedia/images/custom/youtube.png" border="0" \ style="margin: 0 1px;"></a> </td> </tr> </tbody></table> </div> <div><br><blockquote type="cite"><div>On Jul 27, 2023, at 3:03 AM, Uğur Aygün via \ PacketFence-users <packetfence-users@lists.sourceforge.net> wrote:</div><br \ class="Apple-interchange-newline"><div><meta http-equiv="Content-Type" \ content="text/html; charset=utf-8"><div dir="ltr">Hello all i have a basic problem in \ packetfence and can not be able to solve it.<div><br></div><div>I have an active \ directory connection and I also have an authentication source. like \ dc=domain,dc=com</div><div><br></div><div>I want to simply write a rule that if a \ person is in specific ou like ou=users,dc=domain,dc=com</div><div>And i want \ else to not be able to connect that \ specific ssid. </div><div><br></div><div>I write it in the condition like \ "distinguished name is ou=users,dc=domain,dc=com </div><div>and assign a role and duration.</div><div><br></div><div>In the end a user \ from another ou for example ou=users2 can also be able to login my ssid with his/her \ credentials.</div><div><br></div><div>How can i solve this problem? \ Also when is try to use a more specific rule like sAMAaccount name is \ testuser i can not be able to connect that ssid. In audit tab it says there is \ no role to attend.</div><div><br></div><div>I think this is because of active \ directory implementation how can i solve this?</div></div> \ _______________________________________________<br>PacketFence-users mailing \ list<br>PacketFence-users@lists.sourceforge.net<br>https://urldefense.com/v3/__https:/ \ /lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!QsMwOEo9A3o3KFif3 \ jj9nLPdNvkFNWBfuj5TtgzAU9Je3yiAR28sJxoHlwsw0k3vSQ7y7aKYAAJkDd0QnoS3qzv8luMatcjwx_lTrQ$ \ <br></div></blockquote></div><br></div></div></body></html> ["smime.p7s" (smime.p7s)] 0 *H 010 `He 0 *H 0f0 >