WINANT, KEVIN KW517G at att.com
Thu May 5 00:20:56 CEST 2016

Sorry am not trying to move/upgrade anything to v3 at this time.
I am trying to see my LDAP configuration for our External LDAP server.
I am trying to see which port LDAP is using.
If port 389 I will have no issue when the EXTERNAL LDAP server begins using SHA256 certs.
If configured to use 636, I then need to identify the ROOT CA and serial number being used by FreeRadius and verify it is the SAME Root CA and serial number the External LDAP server is using.
Apologies for the original looooooooong sentence.

> On 4 May 2016, at 12:43, WINANT, KEVIN <KW517G at att.com> wrote:
> Version is 2.1.1 which we found is EOL and looking to go to V3.
> Did the debug and looks like it loads up   >   "including configuration file /etc/raddb/modules/ldap"
> Looking in there do not find the hostname or IP of the external LDAP server in there.

Uh nope, don't try and use your v2.x.x config with v3.0.x.  Just rebuild it using a stock v3.0.x config.

> Reason trying to see LDAP settings is Company in installing SHA256 certs on the External LDAP server soon.
> I am trying to determine if LDAP is configured to use port 389 (unsecure) and there will be NO IMPACT to our servers communicating to External LDAP server or IF LDAP is  configured to use port 636 (secure) then I would then need to find out if ROOT CA freeradius is using is same ROOT CA External LDAP server is using along  with the same serial number.

Wow it may be the altitude but that extremely long sentence made absolutely no sense to me.  Could you try rephrasing?


Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

More information about the Freeradius-Users mailing list