I have recently restored UCS to another server and everything seems to be working except for the ldap module of freeradius.
# Instantiating module "ldap" from file /etc/freeradius/3.0/mods-enabled/ldap
rlm_ldap: libldap vendor: OpenLDAP, version: 20445
accounting {
reference = "%{tolower:type.%{Acct-Status-Type}}"
}
post-auth {
reference = "."
}
rlm_ldap (ldap): Initialising connection pool
pool {
start = 5
min = 3
max = 32
spare = 10
uses = 0
lifetime = 0
cleanup_interval = 30
idle_timeout = 60
retry_delay = 30
spread = no
}
rlm_ldap (ldap): Opening additional connection (0), 1 of 32 pending slots used
rlm_ldap (ldap): Connecting to ldap://ad.skaggscatholiccenter.org:7389
rlm_ldap (ldap): Waiting for bind result...
rlm_ldap (ldap): Bind credentials incorrect: Invalid credentials
rlm_ldap (ldap): Opening connection failed (0)
rlm_ldap (ldap): Removing connection pool
/etc/freeradius/3.0/mods-enabled/ldap[17]: Instantiation failed for module "ldap"
I looked at the password listed in /etc/freeradius/3.0/mods-enabled/ldap and it is the same as /etc/machine.secret Not sure why it would have failing credentials. The former server and this server have the same identity and server configs in the /etc/freeradius/3.0/mods-enabled/ldap conf file.
server = "ad.skaggscatholiccenter.org"
...
port = "7389"
...
identity = "cn=ad,cn=dc,cn=computers,dc=skaggscatholiccenter,dc=org"
...
base_dn = "dc=skaggscatholiccenter,dc=org"