[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-users
Subject: Re: freeradius 3.0.15 not tarting if one LDAP server not reachable
From: Alan DeKok <aland () deployingradius ! com>
Date: 2017-12-15 15:55:41
Message-ID: 6766B797-F4F9-4ED0-ABA2-F59EE859FAFD () deployingradius ! com
[Download RAW message or body]
On Dec 15, 2017, at 9:01 AM, Enno Gröper <groepeen@cms.hu-berlin.de> wrote:
> If one of those ldap servers (i.e. ldap_cms2) can't be reached (temporary failure, \
> maintenance, ...), freeradius won't start:
> Thu Dec 14 21:05:31 2017 : Error: rlm_ldap (ldap_cms2): Could not start TLS: Can't \
> contact LDAP server Thu Dec 14 21:05:31 2017 : Error: rlm_ldap (ldap_cms2): Opening \
> connection failed (0) Thu Dec 14 21:05:31 2017 : Error: \
> /usr2/freeradius/etc/raddb/mods-enabled/ldap[844]: Instantiation failed for module \
> "ldap_cms2" Thu Dec 14 21:05:36 2017 : Info: Debugger not attached
>
> Are there any ideas how to work around this problem?
Set "start = 0" in the "pool" subsection of raddb/mods-enabled/ldap
> Do you think error handling could be extended here to distinguish between temporary \
> and permanent (configuration) errors?
How would you tell the difference between the two?
> Or would this add too much complexity?
> I assume, this would be a too complex change for 3.x.
> At this point in time we don't know, that there will be a redundant config for this \
> authentication source. Should I open a bug for this?
Nope. You can work around the issue using the standard configuration options.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic