[RADIATOR] AuthBy LDAP difference between bind failure to LDAP service and unreachable LDAP service

Tue, 11 Mar 2014 23:24:07 -0700 

Hello all,

Does anyone know if it is possible to handle the errors of an unreachable LDAP 
server vs not capable to bind differently within radiator? If so, please advise.

For an access service we use the bind feature to let the LDAP server check the 
password for that specific user object, and then retrieve the required 
attributes. But when the username/password combination is wrong the result is 
IGNORE and hence another authentication attempt is done towards the second LDAP 
server (which of course also results in a non-successful bind attempt).

Fri Mar  7 10:57:40 2014: INFO: Connecting to 1.1.1.1:389
Fri Mar  7 10:57:40 2014: ERR: Could not open LDAP connection to 1.1.1.1:389. 
Backing off for 0 seconds
Fri Mar  7 10:57:40 2014: DEBUG: Radius::AuthGROUP:Wifiaccess-authentication 
Wifiaccess-LDAP-A result: IGNORE User database access error
Fri Mar  7 10:57:40 2014: DEBUG: Radius::AuthGROUP: Wifiaccess-authentication 
result: IGNORE, User database acess error
Fri Mar  7 10:57:40 2014: DEBUG: Radius::AuthGROUP:  result: IGNORE, User 
database access error

vs

Fri Mar  7 10:59:35 2014: INFO: Connecting to 1.1.1.1:389
Fri Mar  7 10:59:35 2014: INFO: Attempting to bind to LDAP server 1.1.1.1:389
Fri Mar  7 10:59:35 2014: ERR: Could not bind connection with 
u...@somedomain.nl, password, error: LDAP_INVALID_CREDENTIALS (server 
1.1.1.1:389).
Fri Mar  7 10:59:35 2014: ERR: Backing off from 1.1.1.1:389 for 0 seconds.
Fri Mar  7 10:59:35 2014: DEBUG: Radius::AuthGROUP:Wifiaccess-authentication 
Wifiaccess-LDAP-A result: IGNORE User database access error
Fri Mar  7 10:59:35 2014: DEBUG: Radius::AuthGROUP: Wifiaccess-authentication 
result: IGNORE, User database access error

Perhaps a non-successful bind operations bind should result in a REJECT instead 
of a IGNORE?

Met vriendelijke groeten/With kind regards,
           Karel van der Velden

[cid:image001.gif@01CF3DC2.EEAF4F50]
Ananke
Goddess of necessity, inevitability and compulsion
Godin van de noodzakelijkheid, onvermijdelijkheid en dwangmatigheid
NETCO FO N&SD Service Development
Reitemakersrijge 13
9711 HT Groningen
Vast: 050 - 5881003
Fax: 050 - 3186347

This message is for the designated recipient only and may contain privileged, 
proprietary, or otherwise private information. If you have received it in 
error, please notify the sender immediately and delete the original. Any other 
use of the email by you is prohibited

<<inline: image001.gif>>

_______________________________________________
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator

Reply via email to