Hi, On Wed, Jun 17, 2015 at 2:51 AM, Alan DeKok <aland@deployingradius.com> wrote:
On Jun 16, 2015, at 7:02 PM, Isaac Boukris <iboukris@gmail.com> wrote:
I can confirm the crashes are gone and it works well. I still have the linkage run time issue unless I add 'sasl.c' to 'rlm_ldap/all.mk.in' with v3.0 (no build-tools expert).
I've pushed a fix.
Thanks Alan! I've made some progress with my 'LDAP not responding problem'. If I set "SASL_SECPROPS maxssf=0" in my 'ldap.conf' file then both 'ldapsearch' and 'radiusd' won't encrypt the search request and - most importantly - the LDAP server answers to both of them! So I guess we can call that 'working' for now as the admin authentication use kerberos. I'll try however to investigate further why 'radiusd' won't encrypt like 'ldapsearch' does when I don't limit 'ssf'. Also interesting to understand how this is negotiated at sasl level (as I'm convinced now). Regards, Isaac B.