我在运行 Fedora 33 的同一台机器上安装了 FreeRADIUS 和 FreeIPA。IPA 工作正常,可以让客户端加入并进行身份验证。LDAP 命令行工具(ldapsearch、ldapmodify)可以使用相同的凭据成功绑定到本地和网络上的服务器。
但是当我尝试启动 radiusd(无论是在调试模式还是作为守护进程)时,我收到错误“服务器正忙”。测试时 CPU 和 RAM 使用率低于 10%,因此我认为服务器没有超载。以下是 LDAP 实例化日志。我试图找到尝试 LDAP 绑定的日志,但没有成功。
任何建议将不胜感激!
> # Instantiating module "ldap" from file /etc/raddb/mods-enabled/ldap
> rlm_ldap: libldap vendor: OpenLDAP, version: 20450
> accounting {
> reference = "%{tolower:type.%{Acct-Status-Type}}"
> }
> post-auth {
> reference = "."
> }
> rlm_ldap (ldap): Initialising connection pool
> pool {
> start = 5
> min = 3
> max = 32
> spare = 10
> uses = 0
> lifetime = 0
> cleanup_interval = 30
> idle_timeout = 60
> retry_delay = 30
> spread = no
> }
> rlm_ldap (ldap): Opening additional connection (0), 1 of 32 pending slots used
> rlm_ldap (ldap): Connecting to ldap://[servername hidden]:389
> rlm_ldap (ldap): Waiting for bind result...
> rlm_ldap (ldap): Bind with [credentials hidden] to ldap://[servername hidden]:389 failed: Server is busy
> rlm_ldap (ldap): Opening connection failed (0)
> rlm_ldap (ldap): Removing connection pool
> /etc/raddb/mods-enabled/ldap[8]: Instantiation failed for module "ldap"