Custom racks for individual users

[mweintraubRM]

My company uses LDAP as our directory service, but to get it to work with the Directory Connector and Captive Portal on Untangle, we have it linked up with a FreeRadius server. That works, but not perfectly, but well enough to continue to use it for authenticating and tracking web users.

However, it does not work for the Policy Manager. If I want to assign a particular user to a particular custom rack, I cannot do so via username, I have to use their IP address.

Is there a workaround for this?

[hlarsen]

have you tried typing the username in the box?

[mweintraubRM]

Yes, I have. Even though the username is authenticated by Captive Portal/Directory Connector, that username's traffic is monitored by the default rack, not one specified for that user.

[jcoffin]

Quote:

Originally Posted by mweintraubRM

Yes, I have. Even though the username is authenticated by Captive Portal/Directory Connector, that username's traffic is monitored by the default rack, not one specified for that user.

Please post a screen shot of your Policy Manager. Also which version are you running?

[mweintraubRM]

Build: 9.1.1~svn20111222r30591release9.1-1lenny



It's a Dropbox link, so I don't know if it will work or not.

Here's the code for the exported Policy_Rules.json:

HTML Code:

[{"protocol":"any","startTimeString":"00:00","serverAddr":"any","clientAddr":"an
y","endTimeString":"23:59","serverIntf":"any","policyName":"Twitter OK","clientI
ntf":"any","clientPort":"any","description":"[no description]","serverPort":"any
","javaClass":"com.untangle.uvm.policy.UserPolicyRule","policy":{"id":47222,"par
entId":null,"default":false,"name":"Twitter OK","javaClass":"com.untangle.uvm.po
licy.Policy","notes":"People allowed to access Twitter"},"user":"mweintraub","da
yOfWeek":"any","live":true},{"protocol":"any","startTimeString":"00:00","serverA
ddr":"any","clientAddr":"any","endTimeString":"23:59","serverIntf":"any","policy
Name":"Wifi DMZ","clientIntf":"3","clientPort":"any","description":"Wifi traffic
","serverPort":"any","javaClass":"com.untangle.uvm.policy.UserPolicyRule","polic
y":{"id":6085,"parentId":null,"default":false,"name":"Wifi DMZ","javaClass":"com
.untangle.uvm.policy.Policy","notes":"Traffic on wireless network"},"user":"[any
]","dayOfWeek":"any","live":true},{"protocol":"any","startTimeString":"00:00","s
erverAddr":"any","clientAddr":"any","endTimeString":"23:59","serverIntf":"any","
policyName":"Default Rack","clientIntf":"2","clientPort":"any","description":"[n
o description]","serverPort":"any","javaClass":"com.untangle.uvm.policy.UserPoli
cyRule","policy":{"id":7,"parentId":null,"default":true,"name":"Default Rack","j
avaClass":"com.untangle.uvm.policy.Policy","notes":"The default rack"},"user":"[
any]","dayOfWeek":"any","live":true}]

[jcoffin]

The policies look ok. Take a look at the Directory Connector Status page. Is the username listed with the correct IP address?

[mweintraubRM]

It seems to be working as expected, now. Thanks for your help!