Help w/ pam radius

Alan DeKok aland at deployingradius.com
Thu Dec 20 10:01:46 CET 2007


Jeff Fishbaugh wrote:
> Just thought I would reply to my own thread since I figured it out and
> probably others can benefit from it.... yes yes yes the variations in
> distro's PAM implementation will kill you.... that was all it was.... so
> beware -- knowing your PAM system on your machines is crucial if you
> don't want to do a lot of head scratching.

  That's about where I am.  I wrote the module a *long* time ago.  I
didn't understand PAM then, and I don't understand it now.  Minor
things, like the complete and total lack of debugging information makes
PAM a nightmare compared to RADIUS. (IMHO)

> Wed Dec 19 15:50:05 2007 : Error: rlm_ldap: could not set
> LDAP_OPT_X_TLS_REQUIRE_CERT option to allow

  I think the code is just trying to do TLS things without noticing that
you're *not* doing TLS in LDAP.  I would say that the message can be
ignored.

  Alan DeKok.



More information about the Freeradius-Users mailing list