On Apr 1, 2006, at 5:28 AM, Marc Delisle wrote:

> Hi,
>
> I'm trying to make freeradius 1.1.0 contact a LDAP server.
> I configured freeradius --with-edir.
>
> The error I get is
> "rlm_ldap: could not start TLS Can't contact LDAP server"
>
> I followed this document
> http://www.novell.com/coolsolutions/tip/15922.html
>
> except that in my case, the LDAP server is on Netware 6.5 SP5.
>
> On this Netware server, LDAP responds correctly over SSL, as tested with Novell's ldapsearch on port 636.

I had a problem similar to this: 'ldapsearch' worked, but Freeradius couldn't make an LDAP connection with TLS. It turns out that my system had two versions of the openssl library, and radiusd was linking to the wrong version. It was kind of confusing, since the rlm_ldap module was linked to the correct library (in /usr/local/lib), but radiusd was linked to the one in /usr/lib, and that's the one that got loaded at run time.

I ended up setting --with-openssl-includes and --with-openssl-libraries in the Makefile for the port (I'm using FreeBSD 5.4), and that solved the problem.

--
George C. Kaplan                            [EMAIL PROTECTED]
Communication & Network Services            510-643-0496
University of California at Berkeley
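
The library mismatch described in the reply above can be spotted by comparing what `ldd` reports for the daemon and for the module it loads. This is an added example, not part of the original thread; the sample `ldd` output is constructed, and the file paths and library version numbers in it are assumptions.

```shell
#!/bin/sh
# Added example: report libssl/libcrypto that resolve to different files for
# the daemon and for a module it loads. Sample ldd output is constructed.

# Constructed sample: daemon linked against the OpenSSL in /usr/lib.
SAMPLE_RADIUSD_LDD='/usr/local/sbin/radiusd:
    libssl.so.3 => /usr/lib/libssl.so.3 (0x2809a000)
    libcrypto.so.3 => /usr/lib/libcrypto.so.3 (0x280c8000)
    libc.so.5 => /lib/libc.so.5 (0x281b6000)'

# Constructed sample: module linked against the copy in /usr/local/lib.
SAMPLE_MODULE_LDD='/usr/local/lib/rlm_ldap.so:
    libldap.so.2 => /usr/local/lib/libldap.so.2 (0x28201000)
    libssl.so.4 => /usr/local/lib/libssl.so.4 (0x2823a000)
    libcrypto.so.4 => /usr/local/lib/libcrypto.so.4 (0x28268000)'

# Read ldd-style output on stdin; print "basename path" for OpenSSL libraries.
openssl_deps() {
    awk '$2 == "=>" && $1 ~ /^lib(ssl|crypto)\.so/ {
        name = $1; sub(/\.so.*/, "", name)   # libssl.so.4 -> libssl
        print name, $3
    }' | sort -u
}

# $1 = ldd output for the daemon, $2 = ldd output for the module.
# Prints one line per OpenSSL library that resolves to a different file.
openssl_mismatches() {
    d=$(printf '%s\n' "$1" | openssl_deps)
    m=$(printf '%s\n' "$2" | openssl_deps)
    printf '%s\n' "$d" | while read -r name dpath; do
        [ -n "$name" ] || continue
        mpath=$(printf '%s\n' "$m" |
            awk -v n="$name" '$1 == n { print $2; exit }')
        if [ -n "$mpath" ] && [ "$mpath" != "$dpath" ]; then
            echo "$name: daemon=$dpath module=$mpath"
        fi
    done
}

# Live use: sh check.sh /path/to/radiusd /path/to/rlm_ldap.so
if [ $# -eq 2 ]; then
    openssl_mismatches "$(ldd "$1")" "$(ldd "$2")"
else
    openssl_mismatches "$SAMPLE_RADIUSD_LDD" "$SAMPLE_MODULE_LDD"
fi
```

Empty output means both files resolve OpenSSL to the same paths; any line printed names a library worth fixing at build time, as the reply did with the configure options.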
