LDAP authentication
Alan DeKok
aland at deployingradius.com
Mon Dec 11 18:57:23 UTC 2023
On Dec 11, 2023, at 1:45 PM, Deepansha Gaur <dgaur at ualberta.ca> wrote:
> I am trying to authenticate using ldap on freeradius. But it keeps giving
> me "could not start TLS" error.
>
> Below are the freeradius debugs:
>
> FreeRADIUS Version 3.0.26
..
> rlm_ldap (ldap): Opening additional connection (0), 1 of 32 pending slots
> used
> rlm_ldap (ldap): Connecting to ldap://directory.srv.ualberta.ca:389
> TLS: can't connect: (unknown error code).
> rlm_ldap (ldap): Could not start TLS: Connect error
> rlm_ldap (ldap): Opening connection failed (0)

The message "can't connect: (unknown error code)" is coming from the OpenLDAP client libraries, not from FreeRADIUS.

Try using the "ldapsearch" tool as documented in mods-available/ldap. It gives specific instructions for how to take the FreeRADIUS configuration flags, and use them as parameters to ldapsearch.

If ldapsearch can't connect, then the problem is either the network or OpenLDAP.

Which OS / distribution is this?

Alan DeKok.
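
Added example (not part of the original message, and not the text of mods-available/ldap): a sketch of the mapping suggested above, turning rlm_ldap settings into an ldapsearch command that exercises StartTLS outside FreeRADIUS. The config is constructed sample input with a placeholder host; the helper names cfg_get and build_ldapsearch are hypothetical, and the parser assumes one "key = value" per line with no trailing comments.

```bash
#!/usr/bin/env bash
# Added example. Constructed sample config; host, DNs and CA path are placeholders.
sample_cfg() {
cat <<'EOF'
ldap {
    server = 'ldap://ldap.example.org'
    port = 389
    identity = 'cn=radius,dc=example,dc=org'
    base_dn = 'dc=example,dc=org'
    tls {
        start_tls = yes
        ca_file = /etc/ssl/certs/example-ca.pem
    }
}
EOF
}

# cfg_get KEY: first "KEY = value" on stdin, surrounding quotes stripped.
# Assumes one setting per line and no trailing comments (hypothetical helper).
cfg_get() {
    sed -n "s/^[[:space:]]*${1}[[:space:]]*=[[:space:]]*//p" | head -n 1 |
        sed -e "s/[[:space:]]*\$//" -e "s/^['\"]//" -e "s/['\"]\$//"
}

# build_ldapsearch: read config on stdin, print the equivalent ldapsearch test.
build_ldapsearch() {
    cfg=$(cat)
    get() { printf '%s\n' "$cfg" | cfg_get "$1"; }
    uri=$(get server); port=$(get port); ca=$(get ca_file)
    case $uri in *://*) ;; *) uri="ldap://$uri" ;; esac
    # Append the configured port only when the URI does not already carry one.
    case ${uri#*://} in
        *:*) ;;
        *) if [ -n "$port" ]; then uri="$uri:$port"; fi ;;
    esac
    tls=""; env=""
    # -ZZ makes ldapsearch fail unless StartTLS succeeds, matching start_tls = yes.
    if [ "$(get start_tls)" = yes ]; then tls=" -ZZ"; fi
    # LDAPTLS_CACERT points the OpenLDAP client at the same CA file as ca_file.
    if [ -n "$ca" ]; then env="LDAPTLS_CACERT=$ca "; fi
    # -x simple bind, -d 1 client trace, -W prompts so the password stays out of argv.
    printf "%sldapsearch -x -d 1 -H %s%s -D '%s' -W -b '%s' -s base\n" \
        "$env" "$uri" "$tls" "$(get identity)" "$(get base_dn)"
}

sample_cfg | build_ldapsearch
```

If the printed command fails with the same TLS connect error, the fault is reproduced without FreeRADIUS in the path, which narrows it to the network, the CA trust settings, or the OpenLDAP client.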