Addendum: On 11/11/2013 10:58 PM, Klara Mall wrote: > I have a problem with connecting to our Active Directory servers (LDAP) > on port 636 with radiator. Port 3269 is working but I have to use 636 > for a certain reason. > > The mad thing is: I cannot reproduce the problem with a little Perl > program on the same host. > > System: > radiator 4.11, Debian wheezy, i386 (all Perl modules from Debian)
Forgot to say: no IPv6 address is configured, only IPv4. > Relevant radiator configuration: > ------------------- > Host ad.example.com > Port 636 > Version 3 > UseSSL > SSLCAFile %D/certificates/ca.pem > Timeout 3 > ------------------- Forgot to say: I use AuthBy LDAP2. > With this configuration the connection fails about half of the time (not > always) with: > "ERR: Could not open LDAP connection to ad.example.com:636. Backing off > for 600 seconds." > > I had a look at Ldap.pm from the radiator code and wrote this little > Perl program: > ------------------- > require Net::LDAPS; > > my $host = "ad.example.com"; > > my $ldap = new Net::LDAPS($host, > port => 636, > verify => 'require', > localaddr => '', > multihomed => 1, > version => 3, > inet6 => 0, > timeout => 3, > cafile => > '/etc/radiator/certificates/deutsche-ca.pem'); This is a typo: it is the same file as above. > if (!$ldap) { print "error\n"; exit; } > else { print "success\n"; exit; } > > ------------------- > > I run this program in a while loop several times and the connection > never fails. > > I also removed the patch by Raphael Luta (in Ldap.pm) which permits > multiple hostnames. But it made no difference. > > I wasn't able to find the difference between the radiator code and my > code. Can you help me? > > Best regards > Klara > -- Karlsruher Institut für Technologie (KIT) Steinbuch Centre for Computing (SCC) Klara Mall Netze und Telekommunikation (NET) Hermann-von-Helmholtz-Platz 1 76344 Eggenstein-Leopoldshafen Telefon: +49 721 608-28630 Telefon: +49 721 608-48946 E-Mail: klara.m...@kit.edu Web: http://www.scc.kit.edu KIT - Universität des Landes Baden-Württemberg und nationales Forschungszentrum in der Helmholtz-Gemeinschaft _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator