an infamous LDAP-FreeRadius question
Zoltan Ori
z.ori at morehead-st.edu
Tue Jul 11 17:05:19 CEST 2006
On Tuesday 11 July 2006 10:10, Matt Ashfield wrote:
> rlm_ldap: attempting LDAP reconnection
> rlm_ldap: (re)connect to ldapserver2:389, authentication 0
> rlm_ldap: setting TLS CACert File to /etc/openldap/cacerts/20060206_ldap2_xxx_xxx.crt
> rlm_ldap: setting TLS Require Cert to demand
> rlm_ldap: starting TLS
> rlm_ldap: ldap_start_tls_s()
> rlm_ldap: could not start TLS Connect error
> rlm_ldap: (re)connection attempt failed
> rlm_ldap: search failed
> rlm_ldap: ldap_release_conn: Release Id: 0
> modcall[authorize]: module "ldap" returns fail for request 0
Apparently your LDAP server is not accepting TLS/SSL connections on port 389.
You'll need to fix that. See the docs on rlm_ldap for specifying the correct
port for your ldaps connection. I think it is as simple as 'port = 636'.
Zoltan Ori
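
One way to check whether a directory server accepts the StartTLS extended operation on port 389, which is the step `ldap_start_tls_s()` performs in the log above. This is an added example, not part of the original post or of FreeRADIUS: it covers only the cleartext StartTLS request and reply, not the certificate validation that follows, and the sample replies and function names are constructed for illustration.

```python
import socket
STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # LDAP StartTLS extended operation (RFC 4511)

def tlv(tag, body):
    """Encode one BER element; short-form length (< 128 bytes) suffices here."""
    return bytes([tag, len(body)]) + body

def build_starttls_request(msg_id=1):
    """LDAPMessage { messageID, ExtendedRequest [APPLICATION 23] { requestName [0] } }."""
    ext_req = tlv(0x77, tlv(0x80, STARTTLS_OID))
    return tlv(0x30, tlv(0x02, bytes([msg_id])) + ext_req)

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low bits give the number of length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def parse_extended_response(data):
    """Return (resultCode, diagnosticMessage) from an LDAP ExtendedResponse."""
    tag, msg, _ = read_tlv(data, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage (is this port speaking raw TLS?)")
    _, _, pos = read_tlv(msg, 0)            # messageID
    tag, op, _ = read_tlv(msg, pos)         # protocolOp
    if tag != 0x78:                         # [APPLICATION 24] ExtendedResponse
        raise ValueError("unexpected protocolOp tag 0x%02x" % tag)
    _, code, pos = read_tlv(op, 0)          # resultCode (ENUMERATED)
    _, _, pos = read_tlv(op, pos)           # matchedDN
    _, diag, _ = read_tlv(op, pos)          # diagnosticMessage
    return int.from_bytes(code, "big"), diag.decode("utf-8", "replace")

def probe_starttls(host, port=389, timeout=5.0):
    """Send the StartTLS request in cleartext and report the server's answer."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_starttls_request())
        reply = s.recv(4096)
    if not reply:
        raise ConnectionError("server closed the connection without answering")
    return parse_extended_response(reply)

# Constructed sample replies (not captured from the poster's server).
SAMPLE_OK = bytes.fromhex("300c02010178070a010004000400")
SAMPLE_REFUSED = tlv(0x30, tlv(0x02, b"\x01") + tlv(0x78,
    tlv(0x0A, b"\x02") + tlv(0x04, b"") + tlv(0x04, b"unsupported extended operation")))
```

A result code of 0 from `probe_starttls("ldapserver2")` means the server is willing to upgrade the connection on 389, so any remaining failure lies in the TLS handshake itself; result code 2 (protocolError) means StartTLS is not available on that port.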