Re: [PacketFence-users] Can't link PacketFence with AD Server.

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi 

Tanks for your help 

I've found the solution to it. It seems like he don't like when there is wrong timezone, I configured the same on both server and it work ! 

It show up in green and troubleshooting command work ! 

For this squetch, I only need packetfence has Radius service. 
After doing the remaining configuration, I've tested the radius service. 

BUT, I have the following error in radius.log 

(51) rest: ERROR: {"control:PacketFence-Authorization-Status":"allow","Reply-Message":"CLI Access is not allowed by PacketFence on this switch"} 
Feb 5 11:01:05 pfcen7 auth[11140]: Need 2 more connections to reach min connections (3) 
Feb 5 11:01:05 pfcen7 auth[11140]: rlm_rest (rest): Opening additional connection (4), 1 of 63 pending slots used 
Feb 5 11:01:05 pfcen7 auth[11140]: (51) Rejected in post-auth: [NOVAYS\pfadmin] (from client 192.168.1.201 port 0 cli 4???I? via TLS tunnel) 
Feb 5 11:01:05 pfcen7 auth[11140]: (51) Login incorrect (rest: Server returned:): [NOVAYS\pfadmin] (from client 192.168.1.201 port 0 cli 4???I? via TLS tunnel) 
Feb 5 11:01:05 pfcen7 auth[11140]: [mac:4▒▒I▒] Rejected user: NOVAYS\pfadmin 
Feb 5 11:01:05 pfcen7 auth[11140]: (52) Login incorrect (eap_peap: The users session was previously rejected: returning reject (again.)): [NOVAYS\pfadmin] (from client 192.168.1.201 port 0 cli 4???I?) 

I've tested many user like: 
NOVASYS\administrateur 
NOVASYS\pfadmin 
administrateur 
pfadmin 

I always get the same error. I've search in the documentation about CLI configuration. In 26.3 Switch Login Access (page 229) I've added an Admin Role in "Configuration-> System Configuration -> Admin access" 
witch "Action : Switch CLI - Read" 

Still have the same probleme 
Is the CLI configuration faulty or do I use a wrong syntaxe in the authentication prompt ? 

Btw I restart radius service on each configuration change. 

Adrian 

_______________________________________________ 
PacketFence-users mailing list 
Pac...@li... 
https://lists.sourceforge.net/lists/listinfo/packetfence-users