up@3.am wrote:
Trying to set up a new RADIUS 2.1.12 server with LDAP. It configured and built all the modules I need, including rlm_ldap, once I installed the dependencies. I took all of the same config files that I have working on servers running 2.1.9 and 2.1.10, but 2.1.12 rlm_ldap doesn't seem to finish instantiating. Here's most of the debug:
You edited the default configuration and broke it.
You deleted the default "ldap" module. You added "ldap1" and "ldap2".
Then, the "authenticate" section refers to "ldap", which doesn't exist.
Make sure that you refer to modules which exist.
That's the first thing I checked in raddb/sites-available/default but "ldap" is commented out in the auth (and accounting) section. Here is what I have, which is at this point is the entire raddb directory lifted out of two older versions that are running fine:
authorize {
preprocess redundant LDAP{ ldap1 ldap2 }
# The ldap module will set Auth-Type to LDAP if it has not # already been set # ldap
authenticate {
#Auth-Type LDAP { redundant LDAP{ ldap1 ldap2
}
accounting {
# Un-comment the following if you have set # 'edir_account_policy_check = yes' in the ldap module sub-section of # the 'modules' section. # # ldap
HOWEVER, I do refer to the ldap module in the radiusd.conf, but this is how I got it working with redundant LDAP servers in the first place. net_timeout = 1
Sorry, I inadvertently gave incomplete ldap module configs for ldap1 and 2..here is a complete one: ldap ldap2{ server ="ldap2.domain.com" basedn = "dc=domain,dc=com" filter = "(uid=%{Stripped-User-Name:-%{User-Name}})" ldap_connections_number = 5 timeout = 4 timelimit = 3 net_timeout = 1 tls { start_tls = no } dictionary_mapping = ${confdir}/ldap.attrmap edir_account_policy_check = no set_auth_type = no } ________ I did try set_auth_type = yes for gags, but no go.