This morning I upgraded my ldap server to the latest revision (from openldap-2.1.12 to openldap-2.1.16). Then restarted radius (freeradius v 0.8.1) and was surprised by a slew of errors in my radius.log file. They were:
"Error: rlm_ldap: All ldap connections are in use" and "Error: Dropping packet from client evrt1-1:1645 - ID: 32 due to dead request 933" Of course, no one could authenticate. Next I ran radius in debug mode, but as soon as a connection was requested, the radius server died trying to authenticate the first user. The failed authentication ended with the following output from radiusd -X: . . . rad_lowerpair: User-Name now 'mollybe' modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok rlm_ldap: - authorize rlm_ldap: performing user authorization for mollybe radius_xlat: '(uid=mollybe)' radius_xlat: 'ou=people,dc=winsome,dc=com' ldap_get_conn: Got Id: 0 rlm_ldap: attempting LDAP reconnection rlm_ldap: (re)connect to 127.0.0.1:389, authentication 0 rlm_ldap: bind as cn=Manager,dc=winsome,dc=com/secretpassword to 127.0.0.1:389 rlm_ldap:waiting for bind result ... rlm_ldap: performing search in ou=people,dc=winsome,dc=com, with filter (uid=mollybe) /usr/local/sbin/radiusd: relocation error: /usr/local/lib/rlm_ldap-0.8.1.so: undefined symbol: ldap_enable_cache Unable to determine the exact nature of the errors, I decided to go back to the previous version of LDAP to undo what I had done. However, after reinstalling the previous version of LDAP, the same problem with radius persisted. Since it appeared that there was a library problem in rlm_ldap-0.8.1, I rebuilt freeradius from scratch. Still, the same errors persisted. Now, as a temporary measure I have had to go back to the passwd and shadow files to allow customer access. But this is not a solution. Please lend assistance if you can. Thanks very much, Mike - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
