FreeRadius users mailing list <[email protected]> on August 10, 2005 at 05:34 -0800 wrote: >Kris, > >Aug 10 07:06:21 2005 : Debug: rlm_ldap: bind as >uid=sbarnes,ou=people,o=marymount.edu.o=marymount.edu/cortina to >info.marymount.edu:389 >Wed Aug 10 07:06:21 2005 : Error: rlm_ldap: >uid=sbarnes,ou=people,o=marymount.edu.o=marymount.edu bind to >info.marymount.edu:389 failed: Can't contact LDAP server > >Even tried authentication to the backup LDAP server. Is there anyway to >test >the ldap module by hand as it were?
I think I'm at the end of my abilities here, but will make a couple more comments. First off, I'm nowhere near being an LDAP pro, but what's up with the "o=mayrmount.edu.o=marymount.edu" ? There are two things that stick out to me here -- first off, the '.' between the elements... I'm used to seeing a comma. Second, the duplication of the o=. Do you *really* have a child element named the same as its parent? I'm sorry I can't be of more assistance... but if ldapsearch works with the same binding credentials as FreeRadius (n.b. bind as the *user* "sbarnes" *not* as admin), then the issue looks to be something with the way FreeRadius & the Sun software interact. Is there, by chance, a policy restricting number of connections per minute on the Sun server? FreeRadius likes to connect at least twice in the authentication process -- once to search the directory, again to bind as the user it found. -kb -- Kris Benson, CCP, I.S.P. Technical Analyst, District Projects School District #57 (Prince George) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
