Unknown Auth-Type "LDAP" in authenticate sub-section

up at 3.am up at 3.am
Fri Mar 9 19:17:59 CET 2012


>> up at 3.am wrote:
>>> Trying to set up a new RADIUS 2.1.12 server with LDAP.  It configured and built
>>> all the modules I need, including rlm_ldap, once I installed the dependencies. I
>>> took all of the same config files that I have working on servers running 2.1.9 and
>>> 2.1.10, but 2.1.12 rlm_ldap doesn't seem to finish instantiating.  Here's most of
>>> the debug:
>>
>>   You edited the default configuration and broke it.
>>
>>   You deleted the default "ldap" module.  You added "ldap1" and "ldap2".
>>
>>   Then, the "authenticate" section refers to "ldap", which doesn't exist.
>>
>>   Make sure that you refer to modules which exist.
>
> That's the first thing I checked in raddb/sites-available/default but "ldap" is
> commented out in the auth (and accounting) section.  Here is what I have, which
> at this point is the entire raddb directory lifted out of two older versions that
> are running fine:
>
> authorize {
>
> 	preprocess
> 		redundant LDAP{
>     			ldap1
>     			ldap2
>     			}
>
>
>         #  The ldap module will set Auth-Type to LDAP if it has not
>         #  already been set
> #       ldap
>
> authenticate {
>
> 	#Auth-Type LDAP {
> 	redundant LDAP{
> 		ldap1
> 		ldap2
>
> 	}
>
> accounting {
>
>  	#  Un-comment the following if you have set
>         #  'edir_account_policy_check = yes' in the ldap module sub-section of
>  	#  the 'modules' section.
>         #
> #       ldap
>
> HOWEVER, I do refer to the ldap module in the radiusd.conf, but this is how I got
> it working with redundant LDAP servers in the first place.
	        net_timeout = 1

Sorry, I inadvertently gave incomplete ldap module configs for ldap1 and 2. Here
is a complete one:

        ldap ldap2{
                server ="ldap2.domain.com"
                basedn = "dc=domain,dc=com"
                filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
                ldap_connections_number = 5
                timeout = 4
                timelimit = 3
                net_timeout = 1

                tls {
                        start_tls = no
                }
                dictionary_mapping = ${confdir}/ldap.attrmap
                edir_account_policy_check = no
                set_auth_type = no
        }
________

I did try set_auth_type = yes for gags, but no go.
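
The check suggested in the quoted reply ("refer to modules which exist") can be automated. The following is an added example, not code from this thread or from FreeRADIUS: it collects instance names from top-level `type name {` blocks and reports bare-word references in a virtual server that match none of them. The sample configuration is constructed, and the line-oriented parsing is a simplification that assumes no `#` inside values.

```python
import re

# Constructed sample modelled on the thread: instances ldap1/ldap2, no "ldap".
MODULES = """
ldap ldap1 {
}
ldap ldap2{
    tls {
        start_tls = no
    }
}
"""
SITE = """
authorize {
    redundant LDAP{
        ldap1
        ldap2
    }
#   ldap
}
accounting {
    ldap
}
"""
OPEN = re.compile(r"^([\w-]+)(?:\s+([\w-]+))?\s*\{$")  # "type [name] {"

def _lines(text):
    return [raw.split("#", 1)[0].strip() for raw in text.splitlines()]

def defined_instances(text):
    names, depth = set(), 0
    for line in _lines(text):
        m = OPEN.match(line)
        if m and depth == 0:  # only top-level blocks define an instance
            names.add(m.group(2) or m.group(1))
        depth += (1 if m else -1 if line == "}" else 0)
    return names

def undefined_references(modules_text, site_text):
    known, stack, bad = defined_instances(modules_text), [], []
    for line in _lines(site_text):
        m = OPEN.match(line)
        if m:
            stack.append(m.group(1))  # section or grouping keyword
        elif line == "}":
            stack.pop()
        elif stack and re.fullmatch(r"[\w-]+", line) and line not in known:
            bad.append((stack[0], line))  # (top-level section, module name)
    return bad
```

On the constructed sample the commented-out `ldap` in `authorize` is ignored and the live `ldap` in `accounting` is reported.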


