Unknown Auth-Type "LDAP" in authenticate sub-section

up at 3.am up at 3.am
Fri Mar 9 16:59:46 CET 2012


> up at 3.am wrote:
>> Trying to set up a new RADIUS 2.1.12 server with LDAP.  It configured and built
>> all the modules I need, including rlm_ldap, once I installed the dependencies.  I
>> took all of the same config files that I have working on servers running 2.1.9 and
>> 2.1.10, but 2.1.12 rlm_ldap doesn't seem to finish instantiating.  Here's most of
>> the debug:
>
>   You edited the default configuration and broke it.
>
>   You deleted the default "ldap" module.  You added "ldap1" and "ldap2".
>
>   Then, the "authenticate" section refers to "ldap", which doesn't exist.
>
>   Make sure that you refer to modules which exist.

That's the first thing I checked in raddb/sites-available/default, but "ldap" is
commented out in the auth (and accounting) section.  Here is what I have, which
at this point is the entire raddb directory lifted out of two older versions that
are running fine:

authorize {

        preprocess
        redundant LDAP{
                ldap1
                ldap2
        }


        #  The ldap module will set Auth-Type to LDAP if it has not
        #  already been set
#       ldap

authenticate {

        #Auth-Type LDAP {
        redundant LDAP{
                ldap1
                ldap2

        }

accounting {

        #  Un-comment the following if you have set
        #  'edir_account_policy_check = yes' in the ldap module sub-section of
        #  the 'modules' section.
        #
#       ldap

HOWEVER, I do refer to the ldap module in the radiusd.conf, but this is how I got
it working with redundant LDAP servers in the first place.

        ldap ldap1{

                server = "ldap1.domain.com"
                basedn = "dc=domain,dc=com"
                filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
                ldap_connections_number = 5
                timeout = 4
                timelimit = 3
                net_timeout = 1

        ldap ldap2{
                server = "ldap2.domain.com"
                basedn = "dc=domain,dc=com"
                filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
                ldap_connections_number = 5
                timeout = 4
                timelimit = 3
                net_timeout = 1

This is how I understood to define more than one ldap source and it does work on 2
older servers, as I noted.  Is there something outside of raddb that I missed?

Thanks again!
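
One way to run the check the quoted reply asks for (every module name used in a server section must be a defined instance), as an added example that is not part of the original post and not FreeRADIUS's own parser. The function names, the keyword list and the sample text are assumptions; the sample is constructed from the excerpts in this message.

```python
import re

# Section and grouping words; they open a block and are not module references.
KEYWORDS = {"authorize", "authenticate", "accounting", "redundant",
            "load-balance", "redundant-load-balance", "group", "Auth-Type"}

def strip_comments(text):
    # Assumes no '#' inside quoted values (true for the sample below).
    return "\n".join(line.split("#", 1)[0] for line in text.splitlines())

def defined_instances(modules_text):
    """'ldap ldap1 {' defines instance 'ldap1'; a bare 'ldap {' defines 'ldap'."""
    names, depth = set(), 0
    for line in strip_comments(modules_text).splitlines():
        m = re.match(r"\s*([\w-]+)(?:\s+([\w-]+))?\s*\{", line)
        if m and depth == 0:  # top-level blocks only, not nested sub-sections
            names.add(m.group(2) or m.group(1))
        depth += line.count("{") - line.count("}")
    return names

def unresolved_references(site_text, instances):
    """Bare module names used in server sections that no instance defines."""
    missing = []
    for line in strip_comments(site_text).splitlines():
        tokens = line.replace("{", " ").replace("}", " ").split()
        if tokens and tokens[0] not in KEYWORDS and tokens[0] not in instances:
            missing.append(tokens[0])
    return missing

# Constructed sample, shaped like the excerpts in this message.
MODULES = """
ldap ldap1 {
    server = "ldap1.domain.com"
    filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
}
ldap ldap2 {
}
"""
SITE = """
authorize {
#   ldap
}
authenticate {
    redundant LDAP {
        ldap1
        ldap2
    }
}
"""
```

Calling unresolved_references(SITE, defined_instances(MODULES)) returns an empty list for this sample; un-commenting the "ldap" line makes it return ['ldap'].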