FreeRadius LDAP connection to Google Workspace
Alan DeKok
aland at deployingradius.com
Fri Oct 1 17:41:16 CEST 2021
> On Oct 1, 2021, at 11:35 AM, Benjamin Diehl <benjamin.diehl at foundationacademy.net> wrote:
>
> root at FreeRadius:~# LDAPTLS_CERT={/etc/freeradius/3.0/certs/ldap-client.crt} LDAPTLS_KEY={/etc/freeradius/3.0/certs/ldap-client.key} ldapsearch -H ldaps://ldap.google.com:636 -b dc={foundationacademy},dc={net} '(main={admin at foundationacademy.net})' -d8
> TLS: opening `{/etc/freeradius/3.0/certs/ldap-client.key}' failed: No such file or directory
> TLS: could not use private key file `{/etc/freeradius/3.0/certs/ldap-client.key}`.

Why are you putting {} around everything?

LDAPTLS_CERT is a filename. There's no need to add {} everywhere. Just use this, without the {} mangling:

LDAPTLS_CERT=/etc/freeradius/3.0/certs/ldap-client.crt LDAPTLS_KEY=/etc/freeradius/3.0/certs/ldap-client.key ldapsearch -H ldaps://ldap.google.com:636 -b dc=foundationacademy,dc=net '(main=admin at foundationacademy.net)' -d8

> ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
>
> I believe this would be the issue, however, I don’t know why it wouldn’t find it. I’ve triple checked and the file is in there and named exactly the same as the command.
There is no file named "{/etc/...}"
Alan DeKok.
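
A pre-flight check for the failure in this thread, as an added example that is not part of the original messages or of FreeRADIUS or OpenLDAP: the hypothetical helpers `check_tls_path` and `check_ldaptls_env` report when an `LDAPTLS_CERT` or `LDAPTLS_KEY` value still contains literal braces or names a missing file. Going one step beyond the thread, it also flags a private key that is readable by group or others.

```shell
#!/bin/sh
# Pre-flight check for the files named by LDAPTLS_CERT / LDAPTLS_KEY.
# check_tls_path and check_ldaptls_env are hypothetical helper names.

# Prints a diagnosis and returns:
#   0 usable, 1 empty value, 2 literal {} left in the value,
#   3 no such file, 4 not readable, 5 key readable by group or others
check_tls_path() {
    kind=$1   # "cert" or "key"
    path=$2

    [ -n "$path" ] || { echo "$kind: empty value"; return 1; }

    case $path in
        *\{*|*\}*)
            # The value is used verbatim as a filename, braces included.
            stripped=$(printf '%s' "$path" | tr -d '{}')
            echo "$kind: literal braces in '$path'; did you mean '$stripped'?"
            return 2 ;;
    esac

    [ -f "$path" ] || { echo "$kind: no such file: $path"; return 3; }
    [ -r "$path" ] || { echo "$kind: not readable by $(id -un): $path"; return 4; }

    # A client private key should be readable by its owner only.
    if [ "$kind" = key ] &&
       [ -n "$(find "$path" -prune \( -perm -040 -o -perm -004 \))" ]; then
        echo "$kind: $path is readable by group or others; chmod 600 it"
        return 5
    fi

    echo "$kind: ok: $path"
    return 0
}

# Checks both variables as currently set in the environment.
check_ldaptls_env() {
    rc=0
    check_tls_path cert "${LDAPTLS_CERT:-}" || rc=1
    check_tls_path key "${LDAPTLS_KEY:-}" || rc=1
    return $rc
}

# Usage: export LDAPTLS_CERT and LDAPTLS_KEY, then
#   check_ldaptls_env && ldapsearch -H ldaps://ldap.google.com:636 ...
```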