13 LDAP queries for one authorize!

Phil Mayers p.mayers at imperial.ac.uk
Thu Aug 23 16:14:41 CEST 2007


On Wed, 2007-08-22 at 19:29 +0200, Turbo Fredriksson wrote:
> I'm working on fine tuning my radiusd.conf file, and found that
> I get 13 authorize request to the LDAP server for one XXX (client,
> request, logon?!).

You can reduce this somewhat by doing this:

authorize {
  preprocess
  eap
  files
  Autz-Type INNER {
    ldap
  }
}

...then in /etc/raddb/users:

DEFAULT	FreeRadius-Proxied-To == 127.0.0.1, Autz-Type := "INNER"

...which will only run the LDAP auth for the EAP inner request. You'll
still see two queries though for PEAP/MSCHAP






More information about the Freeradius-Users mailing list