LDAP Broken in 3.0?

Arran Cudbard-Bell a.cudbardb at freeradius.org
Sat Oct 19 08:21:01 CEST 2013


On 19 Oct 2013, at 06:56, Mikael Tomt <mikael.tomt at mora.se> wrote:

> Hello
> We are currently using freeradius 2.1.12 which works fine.
> I tried to install 3.0, everything went fine except ldap.
> When I try ldaps on port 636 it fails on startup with:
> rlm_ldap (ldap): Connecting to SERVERNAME:636
> rlm_ldap (ldap): Bind with CN=USERNAME,OU=XXX,DC=XXX,DC=XXX,DC=XXX to SERVER:636 failed: Can't contact LDAP server
> rlm_ldap (ldap): Opening connection failed (0)
> rlm_ldap (ldap): Removing connection pool
> /usr/etc/raddb/mods-enabled/ldap[1]: Instantiation failed for module "ldap" 

And connections to 636 used to work with v2?

> With ldap on port 389 it starts but fails when I connect with:
> (35) ERROR: Failed performing search: Please set 'chase_referrals=yes' and 'rebind=yes'. See the ldap module configuration for details.
> (35) ERROR: Server said: 000004DC: LdapErr: DSID-0C0906DD, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1772.
>  
> I have chase_referrals=yes and rebind=yes in ldap module file and tried to move it around without success.

You did re-create your module config, right? And not just hack a v2 one about? Chase referrals and rebind got moved to the options {} section, and must be listed there to work.

Anyway, can you provide your full debug output please (from server start to the first authentication request).

-Arran

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team
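
Added example, not part of the original message and not FreeRADIUS project code: a small check for the point made in the reply, that in v3 `chase_referrals` and `rebind` only take effect inside `options {}`. Both config samples are constructed, the function names are hypothetical, and the module section is assumed to be named `ldap`.

```python
import re

# Constructed sample: v2-style layout carried into a v3 install.
V2_STYLE = """
ldap {
    server = "ldap.example.org"
    chase_referrals = yes
    rebind = yes
    options {
        timeout = 10
    }
}
"""

# Constructed sample: v3 layout, both settings inside options {}.
V3_STYLE = """
ldap {
    server = "ldap.example.org"
    options {
        chase_referrals = yes  # follow referrals
        rebind = yes
    }
}
"""

KEYS = ("chase_referrals", "rebind")

def locate(config_text):
    """Map each key in KEYS to the section path where it is set."""
    stack, found = [], {}
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # naive comment strip
        opener = re.match(r"^([\w-]+)(?:\s+[\w-]+)?\s*\{$", line)
        item = re.match(r"^([\w-]+)\s*=", line)
        if opener:
            stack.append(opener.group(1))  # e.g. "ldap", then "options"
        elif line == "}" and stack:
            stack.pop()
        elif item and item.group(1) in KEYS:
            found[item.group(1)] = "/".join(stack)
    return found

def misplaced(config_text):
    """Return keys set anywhere other than ldap/options."""
    return sorted(k for k, p in locate(config_text).items() if p != "ldap/options")

if __name__ == "__main__":
    print("v2-style misplaced:", misplaced(V2_STYLE))
    print("v3-style misplaced:", misplaced(V3_STYLE))
```

Run against a real `mods-enabled/ldap` by passing the file's contents to `misplaced()`; an empty list means neither setting sits outside `options {}`.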


