V1.10 File and LDAP Problems

Gerry Dalton gerry.dalton at consolidated.com
Fri Feb 24 06:48:19 CET 2006

Andrew thanks for the quick reply.

>Looks like you don't have the LDAP information setup correctly.
>FreeRADIUS can't login to LDAP with the settings (un)specified.
> > rlm_ldap: (re)connection attempt failed
> > rlm_ldap: search failed
> > rlm_ldap: ldap_release_conn: Release Id: 0
> >    modcall[authorize]: module "ldap" returns fail for request 0
> > modcall: leaving group authorize (returns fail) for request 0

Yep, knew that, but expected to continue with the text auth since the 
user existed in that file.

>LDAP returns fail, which is weighted heavier than the both the "noop"
>returned by mschap and the "ok" returned by files. Because LDAP
>returns "fail," the entire request returns "fail." You can specify
>different weighted settings for noop, fail, etc, but the obvious
>answer is to fix your LDAP settings and then try again.
How do you go about setting the weighting.  I want to be able to use 
text, ldap and mysql so that we have various fall back options with a 
failure of the external databases (ldap and mysql).

>Once you can
>login to the LDAP, if the user does not exist in there then LDAP
>should return "noop" for the request. If you want a user to exist in
>both the LDAP and the users file with different passwords, that
>requires a bit of tweaking but I've got it working if you need to see

Would like to see how you did it.

>Hope this helps!

Gerry Dalton, Network System Support
Consolidated Communications
Cell:    214 532-1905

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060223/b4367a7b/attachment.html>

More information about the Freeradius-Users mailing list