[Date Prev][Date Next]
RE: LDAP authentication using Radius
On Thu, 16 Aug 2012, JET JETASIK wrote:
From truss during simple bind, I can see it read the radius.conf and
sendto() my radius server, also got recvfrom() it, but nothing hit my radius
Below is output of truss -p <slapd_pid>
Honestly, that looks like it *is* working from the client perspective. If
you're asserting that nothing hit your radius server, I'd take a few
minutes with wireshark/tcpdump/snoop/etc. and see if that's true (run it
on both sides). If the server-side captures show nothing then fix the
network so the packet gets seen by the server. If the captures show 2-way
conversation then fix your radius server so it logs/debugs the packet that
the kernel's actually getting.
Also, it might be worth getting a copy of radtest or similar program and
getting that working on the box running slapd. Ideally, said test program
would be linked against the same libradius as slapd.