[RADIATOR] AuthBy LDAP2 and FailureBackoffTime

Jan Tomasek jan at tomasek.cz
Thu Jun 10 15:17:52 UTC 2021

Hi Heikki,

> Thanks for the config and the logs. I think we can get this fixed 
> easily. Your Radiator config has 'DupInterval 0' in the <Client ...>
> clause. For this reason Access-Request with id 7 is not detected as a 
> duplicate by Radiator and it's written to OpenSSL, which then correctly 
> does not like it.
> The default DupInterval is 10 (seconds). The configuration samples used 
> to have 0 for testing purposes, but this is no longer needed and the 
> default is fine for the most cases.
> Even with the default DupInterval there still can be a problem that the 
> TLS handshake is done before LDAP is attempted. When LDAP access is 
> attempted IGNORE is returned but before that TLS handhsake can be done.
> Please let us know if the default DupInterval helps.

Yes, DupInterval resolved this problem.

I was running with this setting very long time. Ops.. thanks for help :)

Jan Tomasek aka Semik

More information about the radiator mailing list