AD Authentication via python module eventually fails

Alan Buxey alan.buxey at
Wed Oct 2 23:19:45 CEST 2019


any reason why python is being used at all - not having seen the
script not sure why you arent
just doing everything native in FR ?


On Wed, 2 Oct 2019 at 21:08, Orestes Leal Rodríguez
<olealrd1981 at> wrote:
> Hi guys,
> I have a freeradius 3.0.16 (ubuntu 18.04.3) running authenticating
> users against an AD via ldap binds, I call a module (small python
> program) that calls the ldap binds, etc. So this module's return value
> indicates to the freeradius if auth was successful or not. From time
> to time the server starts to return (maybe a month) auth failures. I
> believe that this module loading for each auth user makes the server's
> state change or in general leave it in a unconsistent state. The
> module is loaded from the 'python' module putting the name of the
> module's filename. This module is on
> /usr/lib/python2.7/ This configuration was transfered
> from another (older freeradius version, ubuntu 16.04) to this new
> freeradius server. I suggested go through the ntlm_auth route but the
> IT manager decided to go this route (the module using ldap binds)
> which it works but we have this problem and the original person that
> used the module also have. I wonder if anybody can iluminate what's
> happening at the server state level. To fix this I have to restart the
> freeradius process and everything start to work again so it's not
> something on the AD side.  I suspect an 'in-memory' state or something
> is the cause. Any ideas?
> Thanks,
> -
> List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list