Hi, I have a problem with connecting to our Active Directory servers (LDAP) on port 636 with radiator. Port 3269 is working but I have to use 636 for a certain reason.
The mad thing is: I cannot reproduce the problem with a little Perl program on the same host. System: radiator 4.11, Debian wheezy, i386 (all Perl modules from Debian) Relevant radiator configuration: ------------------- Host ad.example.com Port 636 Version 3 UseSSL SSLCAFile %D/certificates/ca.pem Timeout 3 ------------------- With this configuration the connection fails about half of the time (not always) with: "ERR: Could not open LDAP connection to ad.example.com:636. Backing off for 600 seconds." I had a look at Ldap.pm from the radiator code and wrote this little Perl program: ------------------- require Net::LDAPS; my $host = "ad.example.com"; my $ldap = new Net::LDAPS($host, port => 636, verify => 'require', localaddr => '', multihomed => 1, version => 3, inet6 => 0, timeout => 3, cafile => '/etc/radiator/certificates/deutsche-ca.pem'); if (!$ldap) { print "error\n"; exit; } else { print "success\n"; exit; } ------------------- I run this program in a while loop several times and the connection never fails. I also removed the patch by Raphael Luta (in Ldap.pm) which permits multiple hostnames. But it made no difference. I wasn't able to find the difference between the radiator code and my code. Can you help me? Best regards Klara -- Karlsruher Institut für Technologie (KIT) Steinbuch Centre for Computing (SCC) Klara Mall Netze und Telekommunikation (NET) Hermann-von-Helmholtz-Platz 1 76344 Eggenstein-Leopoldshafen Telefon: +49 721 608-28630 Telefon: +49 721 608-48946 E-Mail: klara.m...@kit.edu Web: http://www.scc.kit.edu KIT - Universität des Landes Baden-Württemberg und nationales Forschungszentrum in der Helmholtz-Gemeinschaft _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator