Okay,
I had emailed earlier about thread problems and Solaris. Here's a
summary on what I've been doing (and a new problem I found).
Someone mentioned trying to compile FreeRADIUS on a Linux box and try my
configuration. I did just that with an old Dell and Red Hat 8.0. I
compiled FreeRADIUS 0.8.1 with these arguments:
./configure --prefix=/usr/local/etc/radius --with-ldap
My configuration got its authentication from LDAP and its authorization
from the users file, and it worked beautifully. These are EXACTLY the
same configuration files I used with my very troubled Solaris install.
(I just copied them over to the Linux machine with scp.) FreeRADIUS
works just like it should with Linux. However:
The Solaris 8 (on a Netra T1) install:
I compiled FreeRADIUS 0.8.1 with these arguments:
./confgure --prefix=/usr/local/etc/radius --with-ldap
(Just as a note, I used gcc for both Linux and Solaris. I even tried to
compile with Sun's compiler under Solaris, but after getting some errors
with the rlm_ldap module, I used gcc.)
This server would only work with LDAP if I ran it with the "-s" flag.
Otherwise the server would fail to connect with LDAP (sending out a syn
packet, immediently followed by a reset packet... before our LDAP server
ever answered). The radiusd.log contains:
Mon Dec 16 18:55:52 2002 : Error: rlm_ldap:
cn=xxxxxx,ou=xxxxxx,dc=xxx,dc=xxx bind to ldap.nau.edu:389 failed: Can't
contact LDAP server
Mon Dec 16 18:55:52 2002 : Error: rlm_ldap: (re)connection attempt failed
Debugging output does not give much more than this. Everything works
fine if I give radiusd the "-s" flag.
So I tried to compile with these arguments instead (and found a new
problem):
./configure --prefix=/usr/local/etc/radius --with-ldap --with-threads=no
The server worked without needing the "-s" flag, but the server would
not respond to accounting requests. When I tried to run in debug mode,
accounting requests caused a segmentation fault.
I do NOT have this problem when I compile "with threads", and I do not
need the "-s" flag to do accounting. I only need the "-s" flag for
LDAP... I tried authentication with a local account and this worked fine.
If anyone wants more information or you want me to try something please
feel free to email me. I am going to "solve" my problem by using a Linux
machine for FreeRADIUS. However, there may be some people who want to
use LDAP and Solaris someday so I decided to send this email about my
Solaris woes even though I am not planning to bother with it.
Thanks for the help,
--
Samuel T Patterson
Systems Programmer
Northern Arizona University
Information and Technology Services
[EMAIL PROTECTED]
Flagstaff, AZ
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- RE: Solaris Issue Samuel T Patterson
- RE: Solaris Issue Gene Parks
- Re: Solaris Issue Simon White
- Re: Solaris Issue Chris Parker
- RE: Solaris Issue Tim D. McCracken
- RE: Solaris Issue Gregory G. V.
- Re: Solaris Issue Brian Leung
- Re: Solaris Issue Frank Cusack
- Re: Solaris Issue Brian Leung
- Re: Solaris Issue Frank Cusack
- Re: Solaris Issue Brian Leung
