Univention Bugzilla – Bug 46531
[4.3] ucs-school-ntlm-auth uses the master to authenticate in @school environments instead of local slave
Last modified: 2018-04-06 22:02:21 CEST
Created attachment 9443 [details] Patch to suppress using the master In a customer school environment, the master was not reachable. The login via wifi did not work, though the radius-server was reachable and was configured to authenticate against the local slave ldap. In /etc/freeradius/modules/ldap the school-slave is configured But in /usr/bin/ucs-school-ntlm-auth ldapConnection = univention.uldap.getMachineConnection() is used. → getMachineConnection() always uses the master if ldap_master=False is not passed.
The customer reported that the patch fixed the situation in the environment
[4.3 36a2c127] Bug #46531: use local LDAP server [4.3 b3ca85f0] Bug #46531: advisory [4.3 c551da5e] Bug #46531: advisory fix ucs-school-radius-802.1x (7.0.0-7)
Test: 72_radius_authentication -> OK YAML -> OK -> Verified
UCS@school 4.3 v2 has been released. https://docs.software-univention.de/changelog-ucsschool-4.3v2-de.html If this error occurs again, please clone this bug.