[RADIATOR] AuthBy LDAP2 and FailureBackoffTime
Jan Tomasek
jan at tomasek.cz
Thu Jun 10 15:17:52 UTC 2021
Hi Heikki,
> Thanks for the config and the logs. I think we can get this fixed
> easily. Your Radiator config has 'DupInterval 0' in the <Client ...>
> clause. For this reason Access-Request with id 7 is not detected as a
> duplicate by Radiator and it's written to OpenSSL, which then correctly
> does not like it.
>
> The default DupInterval is 10 (seconds). The configuration samples used
> to have 0 for testing purposes, but this is no longer needed and the
> default is fine for the most cases.
>
> Even with the default DupInterval there still can be a problem that the
> TLS handshake is done before LDAP is attempted. When LDAP access is
> attempted IGNORE is returned but before that TLS handhsake can be done.
>
> Please let us know if the default DupInterval helps.
Yes, DupInterval resolved this problem.
I was running with this setting very long time. Ops.. thanks for help :)
--
-----------------------
Jan Tomasek aka Semik
http://www.tomasek.cz/
More information about the radiator
mailing list