Additional NDS error messages missing in FR3 ?

Arran Cudbard-Bell a.cudbardb at freeradius.org
Sat Sep 29 15:06:36 CEST 2018



> On Sep 27, 2018, at 4:45 PM, Anja Ruckdaeschel <Anja.Ruckdaeschel at rz.uni-regensburg.de> wrote:
> 
> Hi there!
> 
> With FR2 you could acesss the NDS error messages, e.g.
> 
> NDS error: no additional information available (-338)
> NDS error: failed authentication (-669)
> NDS error: login lockout (-197)
> ...
> and log them.
> 
> In FR3 I still can see them with 
> ldap_debug = 0xFFFF
> 
> 
> 
> All I get e.g. with Module-Failure-Message is
> 
> Bind was not permitted: Server was unwilling to perform
> which is the LDAP Error Code 53, which is okay, but I'd really like to log the additional messages, because
> it's really useful...

I went through the Novell code in v2.0.x and there's no where obvious where additional messages are being printed.

It's not clear exactly how you're getting logging output from the server.  Are you running with -X? 

You know there are multiple instances of Module-Failure-Message right? Are you checking all of them.

-Arran


More information about the Freeradius-Users mailing list