<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <style type="text/css" style="display:none;"></style> </head> <body dir="ltr"> <div id="divtagdefaultwrapper" style="font-size:12pt;color:#000000;background-color:#FFFFFF;font-family:Calibri,Arial,Helvetica,sans-serif;"> <p>Hi,</p> <p><br> </p> <p>Hosts however would have to be joined by an admin? </p> <p><br> </p> <p>They also wouldnt be very IPA aware and stable from what I can see, ie joining a non-RH OS to IPA just looks an awful nightmare especially for 10000+ devices plus with 3 different OSes at least (IOS, Win, Android, linux and apple and windows laptops plus others) and multiple versions and patch levels.....um no, insanity beckons, LOL. <br> </p> <p><br> </p> <p>I am still trying to figure out what is wanted so I am vague because so are criteria and I have never done this before.</p> <p><br> </p> <p>All I have is,</p> <p><br> </p> <p>free, open source,</p> <p><br> </p> <p>The idea is that an employee can have a zero config access / sign in to wifi for their device once initially connected. </p> <p><br> </p> <p>The solution must be robust and available ie close to 99.999% availability. IPA can do this as the backend and yes PF can use LDAP hence my interest. Packet fence can be active/passive HA so its possible. Virtualised across multiple ESXi hosts and SANs.<br> </p> <p><br> </p> <p>I have a RFE in for a IPA howto section to be added to the PF manual as even the openldap section is empty. Or I might try and write it if I get the go ahead myself. </p> <p><br> </p> <p>The PF servers would be RHEL6.6 so Im hoping adding a service in IPA will "simply" work.<br> </p> <p><br> </p> <p><br> </p> <p><br> </p> <div id="Signature"> <div name="divtagdefaultwrapper" style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:; margin:0"> <div style="font-family:Tahoma; font-size:13px"> <div style="font-family:Tahoma; font-size:13px"> <div style="font-family:Tahoma; font-size:13px"> <p>regards</p> <p>Steven <br> </p> </div> </div> </div> </div> </div> <div style="color: rgb(33, 33, 33);"> <hr tabindex="-1" style="display:inline-block; width:98%"> <div id="divRplyFwdMsg" dir="ltr"><font style="font-size:11pt" color="#000000" face="Calibri, sans-serif"><b>From:</b> freeipa-users-bounces@redhat.com <freeipa-users-bounces@redhat.com> on behalf of Dmitri Pal <dpal@redhat.com><br> <b>Sent:</b> Thursday, 12 March 2015 9:15 a.m.<br> <b>To:</b> freeipa-users@redhat.com<br> <b>Subject:</b> Re: [Freeipa-users] Extending IPA to include multiple (say 5) fields for MAC addresses per user</font> <div> </div> </div> <div> <div class="moz-cite-prefix">On 03/11/2015 03:43 PM, Steven Jones wrote:<br> </div> <blockquote type="cite"> <div id="divtagdefaultwrapper" style="font-size:12pt; color:#000000; background-color:#FFFFFF; font-family:Calibri,Arial,Helvetica,sans-serif"> <p style="margin-top: 0px; margin-bottom: 0px;">Hi,</p> <p style="margin-top: 0px; margin-bottom: 0px;"><br> </p> <p style="margin-top: 0px; margin-bottom: 0px;">I have been asked to look at packetfence and linking it to IPA for authentication but I might need to allow users to login into their IPA info and add MAC addresses themselves, this is possible I think? <br> </p> <p style="margin-top: 0px; margin-bottom: 0px;"><br> </p> <p style="margin-top: 0px; margin-bottom: 0px;">Since ppl these days can have 3 mobile devices, (ipad, iphone and laptop) I would need multiple MAC fields so would have to extend IPA's schema? is this a good idea?</p> </div> </blockquote> <br> I would treat the devices as hosts rather than extend user schema.<br> But can you explain the use case and what you have in mind.<br> Based on the PF site they support different LDAP servers for authentication so I am not sure any schema change would be needed.<br> <br> <blockquote type="cite"> <div id="divtagdefaultwrapper" style="font-size:12pt; color:#000000; background-color:#FFFFFF; font-family:Calibri,Arial,Helvetica,sans-serif"> <p style="margin-top: 0px; margin-bottom: 0px;"><br> </p> <p style="margin-top: 0px; margin-bottom: 0px;"><br> </p> <p style="margin-top: 0px; margin-bottom: 0px;"><br> </p> <div id="Signature"> <div name="divtagdefaultwrapper" style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:; margin:0"> <div style="font-family:Tahoma; font-size:13px"> <div style="font-family:Tahoma; font-size:13px"> <div style="font-family:Tahoma; font-size:13px"> <p style="margin-top: 0px; margin-bottom: 0px;">regards</p> <p style="margin-top: 0px; margin-bottom: 0px;">Steven<br class=""> </p> </div> </div> </div> </div> </div> <div style="word-wrap:break-word; color:rgb(33,33,33)"> <div><br> </div> </div> </div> <br> <fieldset class="mimeAttachmentHeader"></fieldset> <br> </blockquote> <br> <br> <pre class="moz-signature" cols="72">-- Thank you, Dmitri Pal Sr. Engineering Manager IdM portfolio Red Hat, Inc.</pre> </div> </div> </div> </body> </html>