[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: LDAP authentication using Radius

To: JET JETASIK <jet@transniaga.co.th>
Subject: RE: LDAP authentication using Radius
From: Aaron Richton <richton@nbcs.rutgers.edu>
Date: Wed, 15 Aug 2012 08:37:27 -0400 (EDT)
Cc: 'Howard Chu' <hyc@symas.com>, openldap-technical@openldap.org
In-reply-to: <002e01cd7aca$89d43260$9d7c9720$@transniaga.co.th>
References: <002601cd7a41$4cb89300$e629b900$@transniaga.co.th> <502AA938.5060303@symas.com> <002e01cd7a9c$ba6a2de0$2f3e89a0$@transniaga.co.th> <002e01cd7aca$89d43260$9d7c9720$@transniaga.co.th>
User-agent: Alpine 2.02 (SOC 1266 2009-07-14)

On Wed, 15 Aug 2012, JET JETASIK wrote:

Still got any luck yet.
Nothing hit my radius server when doing simple auth to openldap.
Any clue on how to check this.

Here is my /etc/radius.conf
auth 192.168.0.10:1812 secret


There aren't that many moving parts...

* Maybe try explicitly configuring timeout and numtries (fields 4 and 5)... my radius.conf has them, the man page implies defaults but who knows.

* Quick check might be to do a truss/strace/etc. on the open() family tosee if anything .*radius.* is being read, perhaps not in the path you wereexpecting. (You should see this once per bind.)

* Turn up slapd debugging, make sure you're getting to the bind in thefirst place in terms of ACLs, etc.

* Attach a debugger, break on chk_radius. It's not that complex afunction...

Follow-Ups:
- RE: LDAP authentication using Radius
  - From: "JET JETASIK" <jet@transniaga.co.th>

References:
- LDAP authentication using Radius
  - From: "JET JETASIK" <jet@transniaga.co.th>
- Re: LDAP authentication using Radius
  - From: Howard Chu <hyc@symas.com>
- RE: LDAP authentication using Radius
  - From: "JET JETASIK" <jet@transniaga.co.th>
- RE: LDAP authentication using Radius
  - From: "JET JETASIK" <jet@transniaga.co.th>

Prev by Date: Re: pass-through authentication and base64
Next by Date: 2.4.32: mdb stable enough?
Index(es):
- Chronological
- Thread