I’ve a problem running FreeRADIUS as a service. I use Rocky Linux 9.5 and FreeRADIUS 3.0.21.
When I run FreeRADIUS in debug mode using #radiusd -X and test a request, I receive an accept:
```
[root@wserver-11 ~]# radtest ldapadm pass 127.0.0.1 0 testing123
Sent Access-Request Id 121 from 0.0.0.0:38254 to 127.0.0.1:1812 length 77
User-Name = "ldapadm"
User-Password = "pass"
NAS-IP-Address = 10.70.0.21
NAS-Port = 0
Cleartext-Password = "pass"
Received Access-Accept Id 121 from 127.0.0.1:1812 to 127.0.0.1:38254 length 38
Message-Authenticator = 0xa479df5b645e6b6b55227a87440fea0d
```
But when I start the service using systemctl start radiusd.service and try the same request, RADIUS responds with an error:
```
[root@wserver-11 ~]# radtest ldapadm pass 127.0.0.1 0 testing123
Sent Access-Request Id 164 from 0.0.0.0:56668 to 127.0.0.1:1812 length 77
User-Name = "ldapadm"
User-Password = "pass"
NAS-IP-Address = 10.70.0.21
NAS-Port = 0
Cleartext-Password = "pass"
Received Access-Reject Id 164 from 127.0.0.1:1812 to 127.0.0.1:56668 length 38
Message-Authenticator = 0xefdafb7580438b9991f6ed5c086e41d6
(0) -: Expected Access-Accept got Access-Reject
```
In the log I only see the following:
```
Mon Feb 24 16:58:09 2025 : Error: rlm_ldap (ldap): Bind with uid=ldapadm,cn=users,dc=site,dc=es to ldap://url:port failed: Can't contact LDAP server
Mon Feb 24 16:58:09 2025 : Error: rlm_ldap (ldap): Opening connection failed (0)
Mon Feb 24 16:58:09 2025 : Auth: (0) Invalid user: [ldapadm] (from client localhost port 0)
```
It’s strange that FreeRADIUS works correctly in debug mode but not in service mode.
Does anyone know of a similar case?
Can anyone help me, please?
Regards.
To run it under systemctl I changed the pool section in ldap, setting start = 0, and in tls setting start_tls = no.