dropped request after ldap "constraint violating"

Cedric Hui chui at lbl.gov
Tue Jan 26 20:45:54 CET 2010


>
> Date: Tue, 26 Jan 2010 08:33:41 +0100
> From: Alan DeKok <aland at deployingradius.com>
> Subject: Re: dropped request after ldap "constraint violating"
> To: FreeRadius users mailing list
>        <freeradius-users at lists.freeradius.org>
> Message-ID: <4B5E9AD5.90907 at deployingradius.com>
> Content-Type: text/plain; charset=ISO-8859-1
>
> chui wrote:
> >>From radius.log, the symptom of the failure goes as follow
> >
> > 1. rlm_ldap receives "constraint violation" reply from ldap.
>
>  Well... that's an issue with LDAP.
>
> > 2. other authentication requests immediately followed the constraint
> > violation reply failed with "incorrect login"
>
>  Likely because the LDAP server treats the connection as "bad", and
> starts rejecting all searches done via that connection.
>
> > Can anybody shed some light on this failure scenario?
>
>  See https://bugs.freeradius.org/bugzilla/show_bug.cgi?id=18
>
>  Maybe that change will help.
>
>  Alan DeKok.
>

I believed I have the same issue as described in ID 18 "rlm_ldap
MAX_FAILED_CONNS logic and ldap response 19 constraint violation".  I
would also like to see that "constraint violation" being handled as
RLM_MODULE_REJECT instead of RLM_MODULE_FAIL.  Is it likely that
Adam's request be included in the next update?

Thanks
Cedric




More information about the Freeradius-Users mailing list