[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: LDAP authentication using Radius



On Thu, 16 Aug 2012, JET JETASIK wrote:

From truss during simple bind, I can see it read the radius.conf and
sendto() my radius server, also got recvfrom() it, but nothing hit my radius
server actually.
Below is output of truss -p <slapd_pid>

Honestly, that looks like it *is* working from the client perspective. If you're asserting that nothing hit your radius server, I'd take a few minutes with wireshark/tcpdump/snoop/etc. and see if that's true (run it on both sides). If the server-side captures show nothing then fix the network so the packet gets seen by the server. If the captures show 2-way conversation then fix your radius server so it logs/debugs the packet that the kernel's actually getting.

Also, it might be worth getting a copy of radtest or similar program and getting that working on the box running slapd. Ideally, said test program would be linked against the same libradius as slapd.