Menu
▾
▴
Re: [PacketFence-users] auto-registration of node failed max nodes per pid met or exceeded
|
From: Pizu <piz...@gm...> - 2018-07-23 14:04:25
|
We just found the issue, spelling mistake in the authentication sources.
Regards,
Pizu
On Mon, 23 Jul 2018 at 14:57, Fabrice Durand <fd...@in...> wrote:
> So this is your issue , you need to have a rule that return a role for
> this username (a sort of catch all rule if you don't have any).
>
> Regards
>
> Fabrice
>
>
>
> Le 2018-07-23 à 03:18, Pizu a écrit :
>
> Hi,
>
> Thanks for your reply and sorry for not sending before.
>
> The role that is assigned to the users that are not working are not
> returning when using: ./pftest authentication username.password "" - The
> Role is created for sure as i can assign it manually.
>
> Regards,
>
> Pizu
>
>
> On Thu, 19 Jul 2018 at 04:03, Durand fabrice via PacketFence-users <
> pac...@li...> wrote:
>
>> Hello Pizu,
>>
>> your issue is there:
>>
>> Jul 17 15:36:57 sernamehere packetfence_httpd.aaa: httpd.aaa(29260) WARN:
>> [mac:8c:be:be:02:2c:82] No role specified or found for pid
>> corporate\user.surname (MAC 8c:be:be:02:2c:82); assume maximum number of
>> registered nodes is reache
>> d (pf::node::is_max_reg_nodes_reached)
>>
>> Can you try that and paste the result:
>>
>>
>> pftest authentication corporate\user.surname ""
>>
>> Regards
>>
>> Fabrice
>>
>>
>> Le 2018-07-17 à 10:29, Pizu via PacketFence-users a écrit :
>>
>> Hi,
>>
>> After fresh installation of v8.1, we are having issue's with users
>> having: auto-registration of node failed max nodes per pid met or exceeded
>> ... which is not true. also users are not being registered.
>>
>> Logs:
>>
>> Jul 17 15:36:57 sernamehere packetfence_httpd.aaa: httpd.aaa(29260) INFO:
>> [mac:8c:be:be:02:2c:82] handling radius autz request: from switch_ip =>
>> (10.53.0.1), connection_type => Wireless-802.11-EAP,switch_mac =>
>> (6c:dd:30:4a:41:00),
>> mac => [8c:be:be:02:2c:82], port => 8, username =>
>> "corporate\user.surname" (pf::radius::authorize)
>> Jul 17 15:36:57 sernamehere packetfence_httpd.aaa: httpd.aaa(29260) INFO:
>> [mac:8c:be:be:02:2c:82] Instantiate profile corporate
>> (pf::Connection::ProfileFactory::_from_profile)
>> Jul 17 15:36:57 sernamehere packetfence_httpd.aaa: httpd.aaa(29260) INFO:
>> [mac:8c:be:be:02:2c:82] Found authentication source(s) : 'corporateintra'
>> for realm 'corporate' (pf::config::util::filter_authentication_sources)
>> Jul 17 15:36:57 sernamehere packetfence_httpd.aaa: httpd.aaa(29260) WARN:
>> [mac:8c:be:be:02:2c:82] Calling match with empty/invalid rule class.
>> Defaulting to 'authentication' (pf::authentication::match2)
>> Jul 17 15:36:57 sernamehere packetfence_httpd.aaa: httpd.aaa(29260) INFO:
>> [mac:8c:be:be:02:2c:82] Using sources corporateintra for matching
>> (pf::authentication::match2)
>> Jul 17 15:36:57 sernamehere packetfence_httpd.aaa: httpd.aaa(29260) WARN:
>> [mac:8c:be:be:02:2c:82] No role specified or found for pid
>> corporate\user.surname (MAC 8c:be:be:02:2c:82); assume maximum number of
>> registered nodes is reache
>> d (pf::node::is_max_reg_nodes_reached)
>> Jul 17 15:36:57 sernamehere pfqueue: pfqueue(11539) INFO: [mac:unknown]
>> undefined source id provided (pf::lookup::person::lookup_person)
>> Jul 17 15:36:57 sernamehere packetfence_httpd.aaa: httpd.aaa(29260)
>> ERROR: [mac:8c:be:be:02:2c:82] max nodes per pid met or exceeded -
>> registration of 8c:be:be:02:2c:82 to corporate\user.surname failed
>> (pf::registration::setup_node_
>> for_registration)
>> Jul 17 15:36:57 sernamehere packetfence_httpd.aaa: httpd.aaa(29260)
>> ERROR: [mac:8c:be:be:02:2c:82] auto-registration of node failed max nodes
>> per pid met or exceeded (pf::radius::authorize)
>> Jul 17 15:36:57 sernamehere pfqueue: pfqueue(11551) INFO:
>> [mac:00:15:00:c6:ae:fd] Sending a firewall SSO 'Update' request for MAC
>> '00:15:00:c6:ae:fd' and IP '10.15.32.111' (pf::firewallsso::do_sso)
>> Jul 17 15:36:57 sernamehere packetfence_httpd.aaa: httpd.aaa(29260)
>> ERROR: [mac:8c:be:be:02:2c:82] Database query failed with non retryable
>> error: Cannot add or update a child row: a foreign key constraint fails
>> (`pf`.`node`, CONSTR
>> AINT `0_57` FOREIGN KEY (`tenant_id`, `pid`) REFERENCES `person`
>> (`tenant_id`, `pid`) ON DELETE CASCADE ON UPDATE CASCADE) (errno: 1452)
>> [INSERT INTO `node` ( `autoreg`, `bandwidth_balance`, `bypass_role_id`,
>> `bypass_vlan`, `category_id`
>> , `computername`, `detect_date`, `device_class`, `device_manufacturer`,
>> `device_score`, `device_type`, `device_version`, `dhcp6_enterprise`,
>> `dhcp6_fingerprint`, `dhcp_fingerprint`, `dhcp_vendor`, `last_arp`,
>> `last_dhcp`, `last_seen`, `l
>> astskip`, `mac`, `machine_account`, `notes`, `pid`, `regdate`,
>> `sessionid`, `status`, `tenant_id`, `time_balance`, `unregdate`,
>> `user_agent`, `voip`) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?,
>> ?, ?, ?, NOW(), ?, ?, ?, ?, ?, ?,
>> ?, ?, ?, ?, ?, ?, ? ) ON DUPLICATE KEY UPDATE `autoreg` = ?, `last_seen`
>> = NOW(), `notes` = ?, `pid` = ?, `status` = ?, `tenant_id` = ?]{yes, NULL,
>> NULL, NULL, NULL, NULL, 2018-07-17 12:48:59, NULL, NULL, NULL, NULL, NULL,
>> NULL, NULL, N
>> ULL, NULL, 0000-00-00 00:00:00, 0000-00-00 00:00:00, 0000-00-00 00:00:00,
>> 8c:be:be:02:2c:82, NULL, AUTO-REGISTERED, corporate\user.surname,
>> 0000-00-00 00:00:00, NULL, reg, 1, NULL, 0000-00-00 00:00:00, NULL, no,
>> yes, AUTO-REGISTERED, cor
>> porate\user.surname, reg, 1} (pf::dal::db_execute)
>>
>>
>> Regards,
>>
>> Pizu
>>
>>
>> ------------------------------------------------------------------------------
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>
>>
>>
>> _______________________________________________
>> PacketFence-users mailing lis...@li...://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>> _______________________________________________
>> PacketFence-users mailing list
>> Pac...@li...
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>
> --
> Fabrice Dur...@in... :: +1.514.447.4918 (x135) :: www.inverse.ca
> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org)
>
>
|
