PDA

View Full Version : SLES 12 FreeRADIUS LDAP module missing?



boblmartens
17-Feb-2015, 20:27
I am attempting to setup a new RADIUS server in our environment and move from FreeRADIUS 1.0.1 to FreeRADIUS 3.0+ (available in the SLES 12 repos) ... however, I cannot find the LDAP module for FreeRADIUS after installation within the /etc/raddb/mods-available/ directory.

Is there a different way that needs to be handled now? The README in /etc/raddb/ seems to think it should be there.

Thanks for the help!

malcolmlewis
17-Feb-2015, 22:29
On Tue 17 Feb 2015 07:34:02 PM CST, boblmartens wrote:


I am attempting to setup a new RADIUS server in our environment and move
from FreeRADIUS 1.0.1 to FreeRADIUS 3.0+ (available in the SLES 12
repos) ... however, I cannot find the LDAP module for FreeRADIUS after
installation within the /etc/raddb/mods-available/ directory.

Is there a different way that needs to be handled now? The README in
/etc/raddb/ seems to think it should be there.

Thanks for the help!




Hi
Yup, looks like it's missing. I checked the src rpm of the SLE 12 SDK
and it shows it present, but for what ever reason not in the pool...

Let me ping my SUSE contacts.

--
Cheers Malcolm °¿° LFCS, SUSE Knowledge Partner (Linux Counter #276890)
SUSE Linux Enterprise Desktop 12 GNOME 3.10.1 Kernel 3.12.36-38-default
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below... Thanks!

smflood
18-Feb-2015, 12:28
On 17/02/2015 19:34, boblmartens wrote:

> I am attempting to setup a new RADIUS server in our environment and move
> from FreeRADIUS 1.0.1 to FreeRADIUS 3.0+ (available in the SLES 12
> repos) ... however, I cannot find the LDAP module for FreeRADIUS after
> installation within the /etc/raddb/mods-available/ directory.
>
> Is there a different way that needs to be handled now? The README in
> /etc/raddb/ seems to think it should be there.

In looking into this I've also found that both krb5 and perl modules for
FreeRADIUS are also missing from mods-available (as is abfab_psk_sql but
I think that was added after 3.0.3). I've reported these omissions to SUSE.

HTH.
--
Simon
SUSE Knowledge Partner

------------------------------------------------------------------------
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below. Thanks.
------------------------------------------------------------------------

boblmartens
18-Feb-2015, 14:27
Thanks to both of you!

As an aside, I would love to see some machinery for community members without support to be able to file and then track bug reports again SLE. Our current license has no SRs attached to it, but we try our best to report any "rough edges" we find and it would be nice to have more insight and access when we file these than the public bug reporting tool with no insight at all.

Just something to file away for the future. Thanks!

smflood
18-Feb-2015, 16:21
On 18/02/2015 13:34, boblmartens wrote:

> Thanks to both of you!
>
> As an aside, I would love to see some machinery for community members
> without support to be able to file and then track bug reports again SLE.
> Our current license has no SRs attached to it, but we try our best to
> report any "rough edges" we find and it would be nice to have more
> insight and access when we file these than the public bug reporting tool
> with no insight at all.
>
> Just something to file away for the future. Thanks!

It sounds like you've already found
https://www.suse.com/support/report-a-bug/ where you can report a bug
without opening a Service Request but not receive any feedback so you're
looking for something in between that and SRs? If so, I can't see that
changing as I don't see how SUSE would benefit from such a scheme.

There already exists a mechanism where SRs can be refund if an issue is
found to be a defect which hasn't been publicly documented so I think
that's your middle ground except you have to pay upfront.

HTH.
--
Simon
SUSE Knowledge Partner

------------------------------------------------------------------------
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below. Thanks.
------------------------------------------------------------------------

boblmartens
18-Feb-2015, 16:38
It sounds like you've already found
https://www.suse.com/support/report-a-bug/ where you can report a bug
without opening a Service Request but not receive any feedback so you're
looking for something in between that and SRs? If so, I can't see that
changing as I don't see how SUSE would benefit from such a scheme.

There already exists a mechanism where SRs can be refund if an issue is
found to be a defect which hasn't been publicly documented so I think
that's your middle ground except you have to pay upfront.

HTH.
--
Simon
SUSE Knowledge Partner
I think the value would be in those with licenses, but not SRs, being more willing to supply bug reports because they'd be able to see a little of what is going on with that bug report instead of firing-and-forgetting. More bug reports can help equal a higher-quality product which would make it a better sell to those who would need SRs.

That's just from my (biased) point-of-view. Again, thanks for the help.

boblmartens
23-Feb-2015, 17:30
Back to the task at hand: any word on when/if we can expect an update?

smflood
23-Feb-2015, 18:30
On 23/02/2015 16:34, boblmartens wrote:

> Back to the task at hand: any word on when/if we can expect an update?

If: yes, when: soon.

HTH.
--
Simon
SUSE Knowledge Partner

------------------------------------------------------------------------
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below. Thanks.
------------------------------------------------------------------------

boblmartens
23-Feb-2015, 19:15
On 23/02/2015 16:34, boblmartens wrote:

> Back to the task at hand: any word on when/if we can expect an update?

If: yes, when: soon.

HTH.
--
Simon
SUSE Knowledge Partner

------------------------------------------------------------------------
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below. Thanks.
------------------------------------------------------------------------
Thank you greatly for your help and assistance.

markgard
26-Feb-2015, 14:38
Thanks to both of you!

As an aside, I would love to see some machinery for community members without support to be able to file and then track bug reports again SLE. Our current license has no SRs attached to it, but we try our best to report any "rough edges" we find and it would be nice to have more insight and access when we file these than the public bug reporting tool with no insight at all.

Just something to file away for the future. Thanks!

Do you know if anyone has opened an SR with this request?

boblmartens
26-Feb-2015, 15:15
Do you know if anyone has opened an SR with this request?

I know we have not, but I don't know if anyone else has.

boblmartens
19-Mar-2015, 20:17
I was hopeful that today's update to the radius server would bring the ldap mod ... sadly, no dice.

I will continue to wait patiently.

boblmartens
19-Mar-2015, 20:19
Ignore me ... I just found that it is a separate package. I am one happy person!

Thanks Simon!

EDIT: I needed to install the freeradius-server-ldap package and all is well with the world.