>> u...@3.am wrote: >>> Trying to set up a new RADIUS 2.1.12 server with LDAP. It configured and >>> built >>> all the modules I need, including rlm_ldap, once I installed the >>> dependencies. >>> I >>> took all of the same config files that I have working on servers running >>> 2.1.9 >>> and >>> 2.1.10, but 2.1.12 rlm_ldap doesn't seem to finish instantiating. Here's >>> most >>> of >>> the debug: >> >> You edited the default configuration and broke it. >> >> You deleted the default "ldap" module. You added "ldap1" and "ldap2". >> >> Then, the "authenticate" section refers to "ldap", which doesn't exist. >> >> Make sure that you refer to modules which exist. > > That's the first thing I checked in raddb/sites-available/default but "ldap" > is > commented out in the auth (and accounting) section. Here is what I have, > which is > at this point is the entire raddb directory lifted out of two older versions > that > are running fine: > > authorize { > > preprocess > redundant LDAP{ > ldap1 > ldap2 > } > > > # The ldap module will set Auth-Type to LDAP if it has not > # already been set > # ldap > > authenticate { > > #Auth-Type LDAP { > redundant LDAP{ > ldap1 > ldap2 > > } > > accounting { > > # Un-comment the following if you have set > # 'edir_account_policy_check = yes' in the ldap module sub-section of > # the 'modules' section. > # > # ldap > > HOWEVER, I do refer to the ldap module in the radiusd.conf, but this is how I > got > it working with redundant LDAP servers in the first place. net_timeout = 1
Sorry, I inadvertently gave incomplete ldap module configs for ldap1 and 2..here is a complete one: ldap ldap2{ server ="ldap2.domain.com" basedn = "dc=domain,dc=com" filter = "(uid=%{Stripped-User-Name:-%{User-Name}})" ldap_connections_number = 5 timeout = 4 timelimit = 3 net_timeout = 1 tls { start_tls = no } dictionary_mapping = ${confdir}/ldap.attrmap edir_account_policy_check = no set_auth_type = no } ________ I did try set_auth_type = yes for gags, but no go. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html