LDAP Configuration is failing with Strange Parse error

shivu prasad shivaprasad2452 at gmail.com
Thu Nov 15 14:01:16 CET 2018


I am trying to configure the LDAP module

there are the my LDAP server details
          --- Server Details ---
Host Name:                slc10yyj.us.oracle.com
Administrative Users:     cn=Directory Manager
port : 1389
Base DN:     dc=example,dc=com

I added the same config in radb/modes-available/ldap and created soft link
in modes-enabled/

I enabled the ldap auth in site-enabled default file


*dap {        #  Note that this needs to match the name(s) in the LDAP
server        #  certificate, if you're using ldaps.  See OpenLDAP
documentation        #  for the behavioral semantics of specifying more
than one host.        #        #  Depending on the libldap in use, server
may be an LDAP URI.        #  In the case of OpenLDAP this allows
additional the following        #  additional schemes:        #  - ldaps://
(LDAP over SSL)        #  - ldapi:// (LDAP over Unix socket)        #  -
ldapc:// (Connectionless LDAP)        server = 'ldap://
<>'#       server = 'ldap://ldap.slc10yyj.us.oracle.com
<http://ldap.slc10yyj.us.oracle.com>'#       server =
'ldap.rrdns.example.org <http://ldap.rrdns.example.org>'#       server =
'ldap.rrdns.example.org <http://ldap.rrdns.example.org>'        #  Port to
connect on, defaults to 389, will be ignored for LDAP URIs.        port =
1389        #  Administrator account for searching and possibly
modifying.        #  If using SASL + KRB5 these should be commented
out.        identity = 'cn=Directory Manager'        password =
welcome1        #  Unless overridden in another section, the dn from which
all        #  searches will start from.        base_dn =
'dc=example,dc=com'        #        #  SASL parameters to use for admin
binds        #        #  When we're prompted by the SASL library, these
control        #  the responses given, as well as the identity and
password        #  directives above.*

when I try to start server its failing with below parser error
  # Instantiating module "cache_eap" from file
rlm_cache (cache_eap): Driver rlm_cache_rbtree (module rlm_cache_rbtree)
loaded and linked
  # Instantiating module "ldap" from file
rlm_ldap: Falling back to build time libldap version info.  Query for
LDAP_OPT_API_INFO returned: 89
rlm_ldap: libldap vendor: OpenLDAP, version: 2.4.40
   accounting {
       reference = "%{tolower:type.%{Acct-Status-Type}}"
   post-auth {
       reference = "."
k val = 89
value = ldap://
res = 89
/usr/local/freeradius-server-3.0.17/etc/raddb/mods-enabled/ldap[8]: Parsing
LDAP URL "ldap://" failed
Instantiation failed for module "ldap"

I given the server adress with hotsname and with ldap.prefix also
* server = 'ldap://ldap.slc10yyj.us.oracle.com
* server = 'ldap.slc10yyj.us.oracle.com
* server = 'slc10yyj.us.oracle.com <http://slc10yyj.us.oracle.com>'*

every time i am getting same error.

I even further dig in to see where the error is coming its looks like
*ldap_url_parse()* api is failing.

I checked the api my creating the sample C program if i give the input
as *'ldap://ldap.slc10yyj.us.oracle.com
<http://ldap.slc10yyj.us.oracle.com>' *is working fine in sample app, but
failing in free-radius server *.*

*Can anyone let me know what wrong going on here why the api in same linux
as sample app but failing in the server*


More information about the Freeradius-Devel mailing list