Hi,
I'm using 'Debug 12' inside of <AuthBy LDAP2> to troubleshoot TLS problems.
Have you set the port to 636 and UseSSL? UseTLS should really be named 
UseSTARTTLS because it's quite irritating otherwise.
You also need to configure the root CA (not intermediate CA!) cert using 
SSLCAFile.

I haven't the need to run Radiator in the foreground, maybe I've missed the 
Net::LDAP errors in the past?!

Cheers, Alex

On 2016-05-11 18:42, Tuure Vartiainen wrote:

Hello,



On 11 May 2016, at 01:49, Jennifer Mehl <jennifer.m...@ucsb.edu> wrote:

I’m working on setting up a new RADIUS client/handler, and am having trouble 
diagnosing why connections from Radiator to an LDAP server are failing.

Using the ldapsearch command from the same system, using the same 
AuthDN/password yields a successful result.

I’m wondering if there is an error being kicked off somewhere from the LDAP or 
SSL Perl modules that I can’t see.  Or is there an open/broken connection to 
the LDAP server being cached somewhere that needs a “reset?”

I’ve turned on Trace 5 in radius.cfg and “Debug 255” in the AuthByLDAP2 clause, 
but not seeing a lot in the logs about the reason for the failure.




Perl’s LDAP library’s debug output, which is enabled with “Debug 255”,
can only be seen on a console when running Radiator in the foreground.

E.g.

$ perl radiusd -config /etc/radiator/radius.cfg -trace 4 -log_stdout -foreground


BR
--
Tuure Vartiainen <varti...@open.com.au>

_______________________________________________
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator

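Added example (not part of the original thread and not Radiator's own code): a stand-alone Net::LDAP script that tries the two TLS modes discussed above, LDAPS on port 636 (UseSSL) and STARTTLS (UseTLS), with the root CA file enforced, so the Net::LDAP error text is printed directly. The script's arguments, the LDAP_BIND_PW environment variable and the use of default port 389 for STARTTLS are assumptions.

```perl
#!/usr/bin/perl
# Added example: run the LDAP connection outside Radiator to surface TLS errors.
# Arguments and LDAP_BIND_PW are assumptions of this example, not Radiator settings.
use strict;
use warnings;
use Net::LDAP;

my ($host, $cafile, $binddn) = @ARGV;
my $password = $ENV{LDAP_BIND_PW};   # keep the password out of the process list
die "usage: LDAP_BIND_PW=... $0 host root-ca.pem bind-dn\n"
    unless defined $binddn && defined $password;

# Verify the server certificate against the root CA, as SSLCAFile would.
my %tls = (verify => 'require', cafile => $cafile);

# Net::LDAP debug bitmask 12 = 4 + 8: decoded outgoing and incoming packets
# on STDERR (the same value as 'Debug 12' mentioned in the thread).
my $debug = 12;

sub report_bind {
    my ($label, $ldap) = @_;
    my $mesg = $ldap->bind($binddn, password => $password);
    printf "%s: bind %s\n", $label,
        $mesg->code ? 'failed: ' . $mesg->error : 'ok';
    $ldap->unbind;
}

# Mode 1, LDAPS: TLS starts before any LDAP traffic (port 636 + UseSSL).
if (my $ldap = Net::LDAP->new($host, scheme => 'ldaps', port => 636,
                              debug => $debug, %tls)) {
    report_bind('ldaps/636', $ldap);
} else {
    print "ldaps/636: connect or TLS handshake failed: $@\n";
}

# Mode 2, STARTTLS: plain LDAP connection upgraded in-band (UseTLS).
# Port 389 is the LDAP default and an assumption about the server.
if (my $ldap = Net::LDAP->new($host, port => 389, debug => $debug)) {
    my $mesg = $ldap->start_tls(%tls);
    if ($mesg->code) {
        print "starttls/389: TLS upgrade failed: ", $mesg->error, "\n";
    } else {
        report_bind('starttls/389', $ldap);
    }
} else {
    print "starttls/389: connect failed: $@\n";
}
```

A handshake failure in one mode and success in the other points at a port/mode mismatch; a verification failure in both points at the CA file.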