radiusd halts when LDAP bind fails.

David Hartburn D.J.Hartburn at kent.ac.uk
Tue Oct 4 12:16:32 CEST 2016

Alan give me this same advice when I had problems with Redhat, LDAP and 
v3.0.4 back in May.

I decided as we pay for support to go the correct route and ask RH to 
upgrade their package to 3.0.11 and put our deployment project on hold. 
It has been a busy summer so we probably would not have progressed too 
much anyway.

Updating to 3.0.11 looks a long way off, perhaps more than a year away. 
If they do go with that version it is not likely to be the latest by the 
time they deploy. Although they have recently provided me with a test 
patched version of v3.0.4 which has fixed my particular issue it has 
been a long process and who knows what other bugs are lurking in there?

Meanwhile I tried compiling my own version of 3.0.11, building it as a 
RPM package so it would nicely slot in, in the same way as the official 
release. It was very quick and simple to do.

The following two link proved very useful during this process

Download SPEC file and latest source from: 
http://koji.fedoraproject.org/koji/packageinfo?packageID=298 You need 
the src.rpm package

No hint of any errors, it all seems to work brilliantly.

While it is our policy to use RHEL supplied packages where ever 
possible, I can not think of any good reason not to continue compiling 
my own. When you can compile and deploy in 10 minutes and receive help 
here or log a case with RHEL and wait months, it is an easy decision.


On 27/09/16 22:29, Alan DeKok wrote:
>> On Sep 27, 2016, at 5:23 PM, Scott McLane Gardner <sgardne at uark.edu> wrote:
>> Thank you. I found a workaround that works for me. Since we're using systemd, I told the service "Restart=always". This works for me for now. I will definitely look into upgrading, but we like to stay on whatever version the RHEL repo's provide.
>   I wish people would complain to RedHat when their 3 year-old version of the server fails.  As it stands now, you're paying RedHat for support, and are getting no support.  You then ask *us* for support, and we help you, without getting paid.
>   This should be a lesson that RH is bad, and you should upgrade to a version of the server that *we* support.  Because we support you.  RedHat doesn't.
>  Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list