AD Authentication via python module eventually fails

Orestes Leal Rodríguez olealrd1981 at gmail.com
Wed Oct 2 22:08:12 CEST 2019


Hi guys,

I have a freeradius 3.0.16 (ubuntu 18.04.3) running authenticating
users against an AD via ldap binds, I call a module (small python
program) that calls the ldap binds, etc. So this module's return value
indicates to the freeradius if auth was successful or not. From time
to time the server starts to return (maybe a month) auth failures. I
believe that this module loading for each auth user makes the server's
state change or in general leave it in a unconsistent state. The
module is loaded from the 'python' module putting the name of the
module's filename. This module is on
/usr/lib/python2.7/custom_module.py. This configuration was transfered
from another (older freeradius version, ubuntu 16.04) to this new
freeradius server. I suggested go through the ntlm_auth route but the
IT manager decided to go this route (the module using ldap binds)
which it works but we have this problem and the original person that
used the module also have. I wonder if anybody can iluminate what's
happening at the server state level. To fix this I have to restart the
freeradius process and everything start to work again so it's not
something on the AD side.  I suspect an 'in-memory' state or something
is the cause. Any ideas?

Thanks,


More information about the Freeradius-Users mailing list