On Tue, 21 Oct 2003, Rohaizam Abu Bakar wrote: > > manage to point one NAS to this radius... turn on the debug mode > (-sfxxyz)... and below is the portion where the problem start ..... FYI.. > during this rlm_ldap problem.. using ldapsearch should yield the result... > So no problem on LDAP site... > > ........... > rlm_ldap: performing search in ou=People,dc=jaring,dc=my, with filter > (uid=spts) > rlm_ldap: checking if remote access for spts is allowed by dialupAccess > rlm_ldap: looking for check items in directory... > rlm_ldap: looking for reply items in directory... > rlm_ldap: Adding radiusSessionTimeout as Session-Timeout, value 21600 & > op=11 > rlm_ldap: Adding radiusFramedCompression as Framed-Compression, value > Van-Jacobson-TCP-IP & op=11 > rlm_ldap: Adding radiusFramedMTU as Framed-MTU, value 1500 & op=11 > rlm_ldap: Adding radiusFramedProtocol as Framed-Protocol, value PPP & op=11 > rlm_ldap: Adding radiusServiceType as Service-Type, value Framed-User & > op=11 > rlm_ldap: user spts authorized to use remote access > ldap_release_conn: Release Id: 0 > modcall[authorize]: module "ldap1" returns ok for request 561 > modcall: group redundant returns ok for request 561 > modcall: group authorize returns ok for request 561 > rad_check_password: Found Auth-Type LDAP > auth: type "LDAP" > modcall: entering group Auth-Type for request 561 > modcall: entering group redundant for request 561 > rlm_ldap: - authenticate > rlm_ldap: login attempt by "spts" with password "XXXX" > rlm_ldap: user DN: > uniqueIdentifier=687130,ou=RADIUS,ou=People,dc=jaring,dc=my > rlm_ldap: (re)connect to 61.6.32.201:389, authentication 1 > rlm_ldap: bind as > uniqueIdentifier=687130,ou=RADIUS,ou=People,dc=jaring,dc=my/spts2003 to > 61.6.32 > .201:389 > rlm_ldap: waiting for bind result ... > rlm_ldap: ldap_result() > rlm_ldap: uniqueIdentifier=687130,ou=RADIUS,ou=People,dc=jaring,dc=my bind > to 61.6.32.201:389 fai > led: timeout > rlm_ldap: ldap_connect() failed > modcall[authenticate]: module "ldap1" returns fail for request 561 > rlm_ldap: - authenticate > rlm_ldap: login attempt by "spts" with password "XXXX" > rlm_ldap: user DN: > uniqueIdentifier=687130,ou=RADIUS,ou=People,dc=jaring,dc=my > rlm_ldap: (re)connect to 61.6.32.97:389, authentication 1 > rlm_ldap: bind as > uniqueIdentifier=687130,ou=RADIUS,ou=People,dc=jaring,dc=my/spts2003 to > 61.6.32 > .97:389 > rlm_ldap: waiting for bind result ... > rlm_ldap: ldap_result() > rlm_ldap: uniqueIdentifier=687130,ou=RADIUS,ou=People,dc=jaring,dc=my bind > to 61.6.32.97:389 fail > ed: timeout > rlm_ldap: ldap_connect() failed > modcall[authenticate]: module "ldap2" returns fail for request 561 > modcall: group redundant returns fail for request 561 > modcall: group Auth-Type returns fail for request 561 > auth: Failed to validate the user.
One question is why the bind operations are failing while the ldap search for the ldap attributes works ok. Use tcpdump to see inspect the ldap traffic between your radius and ldap server and take a look at the ldap server logs for anything strange. >From the logs you sent it doesn't show when the problem leading to the process death you are describing occurs. > Login incorrect: [spts] (from client jhb34 port 239 cli 072270533) > Delaying request 561 for 1 seconds > Finished request 561 > Going to the next request > ................. > > --haizam > > > > > ----- Original Message ----- > From: "Rohaizam Abu Bakar" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Tuesday, October 21, 2003 12:44 PM > Subject: Re: core dump using freeradius0.9.2 with FreeBSD 5.1 > > > > > > Can't find the core although it say in log > > > > Oct 20 16:42:20 radius3 kernel: pid 67341 (radiusd), uid 0: exited on > > signal 4 (core dumped) > > > > Mon Oct 20 11:41:50 2003 : Error: rlm_ldap: > > uniqueIdentifier=208173,ou=RADIUS,ou=People,dc=com > > ,dc=my bind to x.x.x.x:389 failed: timeout > > > > > > When runnning FB 5.1 with 0.9.2, at first it will running OK .. then > around > > 15 minutes it will die & BOTH error log appear... > > > > Then when i switch to 0.9.0 ... no "core" error but only "rlm_ldap" > > error.... > > > > Currently no authentication is forwarded to above server... I've reverted > > to my FB 4.8 with 0.9.2 that running fine... > > > > What should i do without the CORE?? > > > > --haizam > > > > > > > > ----- Original Message ----- > > From: "Kostas Kalevras" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Monday, October 20, 2003 8:43 PM > > Subject: Re: core dump using freeradius0.9.2 with FreeBSD 5.1 > > > > > > > On Mon, 20 Oct 2003, Rohaizam Abu Bakar wrote: > > > > > > > even 0.9.0 having problem with FreeBSD 5.1 ... something about > rlm_ldap > > .... > > > > > > Please read doc/bugs and send a backtrace of the core dump to the list. > > > > > > Thanks > > > > > > > > > > > --haizam > > > > > > > > ----- Original Message ----- > > > > From: Rohaizam Abu Bakar > > > > To: [EMAIL PROTECTED] > > > > Sent: Monday, October 20, 2003 6:53 PM > > > > Subject: core dump using freeradius0.9.2 with FreeBSD 5.1 > > > > > > > > > > > > > > > > Using freeradius 0.9.2 with FreeBSD 5.1.. All compilations seems > Ok... > > even starting up doesn't give any problem... But once pumping load into it > > (not that heavy)... then it keep core dumping as shown in below log.. > > > > > > > > Currently i revert back to freeradius 0.9.0 with my FreeBSD 5.1 ... > > > > > > > > FYI... freeradius 0.9.2 inside my FreeBSD 4.8 runnning fine... > > > > > > > > > > > > LOG > > > > ===== > > > > i) from system log > > > > > > > > Oct 20 16:42:20 radius3 kernel: pid 67341 (radiusd), uid 0: exited > on > > > > signal 4 (core dumped) > > > > Oct 20 16:42:20 radius3 kernel: Oct 20 16:42:20 radius3 kernel: pid > > 67341 > > > > (radiusd), uid 0: exited on signal 4 (core dumped) > > > > Oct 20 17:02:02 radius3 kernel: pid 68054 (radiusd), uid 0: exited > on > > > > signal 4 (core dumped) > > > > Oct 20 17:02:02 radius3 kernel: Oct 20 17:02:02 radius3 kernel: pid > > 68054 > > > > (radiusd), uid 0: exited on signal 4 (core dumped) > > > > Oct 20 17:34:01 radius3 kernel: pid 69185 (radiusd), uid 0: exited > on > > > > signal 4 (core dumped) > > > > Oct 20 17:34:01 radius3 kernel: Oct 20 17:34:01 radius3 kernel: pid > > 69185 > > > > (radiusd), uid 0: exited on signal 4 (core dumped) > > > > Oct 20 17:46:27 radius3 kernel: pid 69671 (radiusd), uid 0: exited > on > > > > signal 4 (core dumped) > > > > Oct 20 17:46:27 radius3 kernel: Oct 20 17:46:27 radius3 kernel: pid > > 69671 > > > > (radiusd), uid 0: exited on signal 4 (core dumped) > > > > > > > > ii) from radius.log > > > > > > > > Mon Oct 20 18:37:00 2003 : Error: rlm_ldap: > > uniqueIdentifier=227523,ou=RADIUS,ou=People,dc=com,dc=my bind to > x.x.x.x:389 > > failed: timeout > > > > Mon Oct 20 18:37:00 2003 : Error: rlm_ldap: > > uniqueIdentifier=717710,ou=RADIUS,ou=People,dc=com,dc=my bind to > x.x.x.x:389 > > failed: timeout > > > > Mon Oct 20 18:37:03 2003 : Error: rlm_ldap: > > uniqueIdentifier=983053,ou=RADIUS,ou=People,dc=com,dc=my bind to > x.x.x.x:389 > > failed: timeout > > > > > > > > > > > > --haizam > > > > > > > > > > -- > > > Kostas Kalevras Network Operations Center > > > [EMAIL PROTECTED] National Technical University of Athens, Greece > > > Work Phone: +30 210 7721861 > > > 'Go back to the shadow' Gandalf > > > > > > - > > > List info/subscribe/unsubscribe? See > > http://www.freeradius.org/list/users.html > > > > > > > > - > > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > > > [ Scanned by JARING E-Mail Virus Scanner ( http://www.jaring.my ) ] > > > > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
