That did not work ether. Is there a better way to achieve ldap redundancy? I have attached the log output from when I started radiusd -X and the login failure. Thanks Jason On 5/2/08 11:45 AM, "Alan DeKok" <aland@deployingradius.com> wrote:
Jason Traeden wrote: ..
Ok I patched my box with this ldap.c.diff and I still have the same results.
Hmm... the same error messages?
Try this. I think this one should work...
Alan DeKok. Index: src/modules/rlm_ldap/rlm_ldap.c =================================================================== RCS file: /source/radiusd/src/modules/rlm_ldap/rlm_ldap.c,v retrieving revision 1.194 diff -u -r1.194 rlm_ldap.c --- src/modules/rlm_ldap/rlm_ldap.c 17 Apr 2008 07:59:21 -0000 1.194 +++ src/modules/rlm_ldap/rlm_ldap.c 2 May 2008 17:49:49 -0000 @@ -160,6 +160,7 @@ #endif int ldap_debug; /* Debug flag for LDAP SDK */ char *xlat_name; /* name used to xlat */ + char *auth_type; char *tls_cacertfile; char *tls_cacertdir; char *tls_certfile; @@ -456,9 +457,17 @@ */ if (inst->set_auth_type) { DICT_VALUE *dv = dict_valbyname(PW_AUTH_TYPE, xlat_name); + + /* + * No section of *my* name, but maybe there's an + * LDAP section... + */ + if (!dv) dv = dict_valbyname(PW_AUTH_TYPE, "LDAP"); if (!dv) { DEBUG2("rlm_ldap: Over-riding set_auth_type, as there is no module %s listed in the \"authenticate\" section.", xlat_name); inst->set_auth_type = 0; + } else { + inst->auth_type = dv->name; /* doesn't change on HUP */ } } /* else no need to look up the value */
@@ -1696,8 +1705,8 @@ request->password && (request->password->attribute == PW_USER_PASSWORD) && !added_known_password) { - pairadd(check_pairs, pairmake("Auth-Type", inst->xlat_name, T_OP_EQ)); - DEBUG("rlm_ldap: Setting Auth-Type = %s", inst->xlat_name); + pairadd(check_pairs, pairmake("Auth-Type", inst->auth_type, T_OP_EQ)); + DEBUG("rlm_ldap: Setting Auth-Type = %s", inst->auth_type); }
DEBUG("rlm_ldap: user %s authorized to use remote access", - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html