On Thu, 16 Sep 2004, Hou, Ming wrote: > Hi, > > Does anyone have any problem for FreeRadius 1.0.0 to communicate a > secure ldap server on Solaris 8? > > There are my components: > FreeRadius 1.0.0 > Openldap 2.2.15 > OpenSSL 0.97d > Gcc 3.3.2 > > There is my ldap configuration: > > ldap ldapssl { > server = "ldapx.njit.edu" > port = 636 > tls_cacertfile = /usr/local/radius/cert/xxx.perm > ... > Start_tls = no > ... > } > > There is my runtime log file: > ... > rlm_ldap: ldap_get_conn: Checking Id: 0 > rlm_ldap: ldap_get_conn: Got Id: 0 > rlm_ldap: attempting LDAP reconnection > rlm_ldap: (re)connect to ldapx.njit.edu:636, authentication 0 > rlm_ldap: setting TLS mode to 1 > rlm_ldap: setting TLS CACert File to /usr/local/radius/cer/xxx.perm > rlm_ldap: bind as / to ldapx.njit.edu:636 > rlm_ldap: bind to ldapx.njit.edu:636 failed: Can't contact LDAP server > ... > > However, I tested FreeRadius 1.0.0 on my RedHat Linux 9 with RedHat > default installed OpenLDAP and OpenSSL, it could talk with my backend > ldap server with port 636. At this point, I am very sure that my secure > LDAP server is okay. > > Any idea to fix my issue?
Check your ldap server logs. Are there any ACLs in the way? Running tcpdump would probably also be a good idea. > > Thank you. > ming > > > > -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html