Is FreeRADIUS connecting to AD with DNS or IP? -Peter On Tue 19 Sep 2006 12:30, Michael Messner wrote: > hey mailinglist, > > I have a little prob. with the first login via the radiusserver, it looks > like this > > MS-Active directory -- freeradius 1.1.2 -- cisco or enterasys switch > > If I restart the radiusd the first try for a login needs about 20 seconds: > > [root@Xradius ~]# time echo "User-Name = mmessner, User-Password = m1k3" | > radclient -c1 -s 127.0.0.1:1645 auth testing123 > Received response ID 106, code 2, length = 71 > Tunnel-Type:1 = VLAN > Tunnel-Medium-Type:1 = IEEE-802 > Tunnel-Private-Group-Id:1 = "1" > Reply-Message = "Welcome mmessner in the - Domain" > radclient: received response to request we did not send. > > Total approved auths: 1 > Total denied auths: 0 > Total lost auths: 0 > > real 0m20.285s > user 0m0.072s > sys 0m0.013s > > after this time everything goes fast, also the next login attempts! > > freeradius hangs for this time with the message: > > radius_xlat: 'CN=Users,DC=isalab,DC=local' > radius_xlat: 'sAMAccountName=mmessner' > rlm_ldap: ldap_get_conn: Checking Id: 0 > rlm_ldap: ldap_get_conn: Got Id: 0 > rlm_ldap: attempting LDAP reconnection > rlm_ldap: (re)connect to labad01:389, authentication 0 > > If I sniff the packets on the AD-server in this time there are no LDAP > requests. > > any ideas?!? > > thanks mIke > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html -- Peter Nixon http://www.peternixon.net/ PGP Key: http://www.peternixon.net/public.asc
Attachment:
pgpL6dlzAN1j7.pgp
Description: PGP signature