[RADIATOR] ERR: AuthLDAP2 Could not open LDAP connection to AD domain controllers

Heikki Vatiainen hvn at open.com.au
Mon Jan 18 13:07:01 UTC 2021


On 16.1.2021 1.55, Hirayama, Pat wrote:

> I am currently trying to migrate an existing Radiator 4.12.1 running on 
> CentOS 6.10 to Radiator 4.25 running on Ubuntu 20.04.1 LTS. I am running 
> into an issue where Radiator 4.25 is unable to connect via LDAP to my 
> domain controllers.  The log shows (DC names changed):
> 
> 00000000 Fri Jan 15 15:26:35 2021 089445: INFO: AuthLDAP2 Connecting to 
> DC1.domain.tld port 3269
> 
> 00000000 Fri Jan 15 15:26:35 2021 124694: ERR: AuthLDAP2 Could not open 
> LDAP connection to DC1.domain.tld port 3269. Backing off for 10 seconds.

Ubuntu 20.04 uses OpenSSL with settings that may require additional 
configuration on the Radiator side. See this for more:

https://askubuntu.com/questions/1233186/ubuntu-20-04-how-to-set-lower-ssl-security-level

I'll take a look at this in detail too, but you can see if something 
like this within AuthBY LDAP2 would help:

SSLCiphers DEFAULT@SECLEVEL=1

For more about Radiator parameters, see 
https://files.radiatorsoftware.com/radiator/ref.pdf

SSLCiphers is described in 3.9.17 in the Radiator 4.25 manual.

What you could also check is which TLS versions and ciphers 
the server supports. It can be that what the server uses is not 
considered good enough on the client side.

Thanks,
Heikki

-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, TACACS+, PAM, Active Directory,
EAP, TLS, TTLS, PEAP, WiMAX, RSA, Vasco, Yubikey, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, etc.
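
One way to run the check suggested in the reply above (which TLS versions and ciphers the server accepts), added here as an example and not part of the original message or of Radiator: a Python probe that attempts a verified handshake at OpenSSL security level 2 and then 1 and records the negotiated protocol and cipher, or the OpenSSL error. The names `make_context` and `probe` and the `cafile` parameter are assumptions of this example; the host and port are the ones shown in the quoted log.

```python
import socket
import ssl


def make_context(seclevel, cafile=None):
    """Verifying client context using OpenSSL's DEFAULT ciphers at one security level."""
    # cafile=None trusts the system CA store; pass the AD issuing CA if it is private.
    ctx = ssl.create_default_context(cafile=cafile)
    # Same OpenSSL cipher-string syntax as the SSLCiphers value in the reply.
    ctx.set_ciphers(f"DEFAULT@SECLEVEL={seclevel}")
    return ctx


def probe(host, port, levels=(2, 1), cafile=None, timeout=5):
    """Attempt one TLS handshake per security level and record the outcome."""
    results = []
    for level in levels:
        entry = {"seclevel": level, "ok": False, "version": None,
                 "cipher": None, "error": None}
        try:
            with socket.create_connection((host, port), timeout=timeout) as raw:
                ctx = make_context(level, cafile)
                with ctx.wrap_socket(raw, server_hostname=host) as tls:
                    entry.update(ok=True, version=tls.version(),
                                 cipher=tls.cipher()[0])
        except OSError as exc:  # ssl.SSLError and timeouts are OSError subclasses
            # Keep the OpenSSL reason text; it names what the client rejected.
            entry["error"] = f"{type(exc).__name__}: {exc}"
        results.append(entry)
    return results


if __name__ == "__main__":
    # Host and port as they appear in the quoted log excerpt.
    for r in probe("DC1.domain.tld", 3269):
        if r["ok"]:
            print(f"SECLEVEL={r['seclevel']}: {r['version']} {r['cipher']}")
        else:
            print(f"SECLEVEL={r['seclevel']}: FAILED {r['error']}")
```

A handshake that fails at level 2 but succeeds at level 1 indicates the server's TLS parameters fall below the client's default policy; the error text at level 2 shows which parameter to fix on the server so the lowered level can later be removed.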