Hi all, I am building a new radius server on Centos7 and configuring for LDAP auth. I have an older version running on a different server, and have brought over my configs and adjusted to the new version requirements (for instance, adding the ipaddr attribute to all the client stanzas). However, I seem to be having an issue with the rlm_ldap module, and the ldap config itself. BTW, ran all updates this morning, so everything should be at the latest versions (from the repositories, anyway). FreeRADIUS Version 3.0.4 is what is now installed. So, here's my ldap file from the old server (that works properly): --------------------------------------------- ldap rg600-1 { server = "10.255.255.40" identity = "cn=admin,o=ourorg" password = r!da2Lp basedn = "ou=administration,o=ourorg" filter = "(uid=%u)" ldap_connections_number = 5 timeout = 4 timelimit = 3 net_timeout = 1 tls { start_tls = no } access_attr = "uid" dictionary_mapping = ${confdir}/ldap.attrmap edir_account_policy_check = no groupname_attribute = gidnumber groupmembership_attribute = gidNumber } --------------------------------------------- I copied this file exactly to the new server. To test connectivity, I ran (on the new server): --------------------------------------------- ldapsearch -x -W -D "cn=admin,o=ourorg" -b "ou=administration,o=ourorg" objectclass=* --------------------------------------------- and, when asked, provided the r!da2Lp password, and successfully got the list of all objects... indicating that the connectivity, username, and password are perfectly correct. When I run radiusd -X -d /etc/raddb, I get the following end result of debug lines: --------------------------------------------- ... rlm_ldap (rg600-1): Opening additional connection (0) rlm_ldap (rg600-1): Connecting to 10.255.255.40:389 rlm_ldap (rg600-1): Waiting for bind result... rlm_ldap (rg600-1): Bind credentials incorrect: Invalid credentials rlm_ldap (rg600-1): Opening connection failed (0) rlm_ldap (rg600-1): Removing connection pool --------------------------------------------- indicating, I believe, a bad password or bad user ID. I have a feeling that the "!" in the password is causing issues. I have surrounded the password with single quotes, double quotes, ticks, and have escaped the ! with \, all to no avail. I cannot really change the password, as so many systems are using it that it is prohibitive. Anyone have any ideas? I'll supply any other required data... Thanks! Alex -- Alex Moen NSTII North Dakota Telephone Company 701-662-6481