Ldap searches don't seem to honour connect_timeout

Michael Ströder michael at stroeder.com
Sat May 14 17:04:00 CEST 2016


A.L.M.Buxey at lboro.ac.uk wrote:
> Hi,
> 
>>   I followed part of that, can't profess to be an expert in library interaction and such, sorry.
>> I am not sure really what to do next. Most of the libraries I got from standard installs off the ubuntu repos, are we talking fairly significant compilation of other stuff do you think?
> 
> remove the openldap2-dev package
> 
> grab the latest openldap source from their page (or mirror) , ./configure, make, make install
> (it'll all go into /usr/local/ )
> 
> then redo the freeradius configure stuff..... should pick up the local openldap dev stuff.
> 
> ensure tht the local openldap library is known  (output of ldconfig -v shows it....may need to add the /usr/local/lib
> as first path in /etc/ld.so.conf 
> 
> make ; make install    - when you do the ldd stuff against rlm_ldap.so it should show openssl linkage instead

Be very careful which such an advice. Depending on the system's nsswitch.cnf
using custom LDAP libs can lead to a library mix crashing the software.

You could do it right. But you have to really know what you're doing regarding
all the dependency stack of libldap -> cyrus-sasl -> berkeley-DB...

Ciao, Michael.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20160514/65af8949/attachment.bin>


More information about the Freeradius-Users mailing list