Secondary LDAP server

Kenneth Marshall ktm at rice.edu
Wed Mar 9 14:48:51 CET 2011


On Tue, Mar 08, 2011 at 05:16:35PM -0600, Gary Gatten wrote:
> I'm pretty sure this is discussed, examples, etc in the doc: online and in FR conf files. Sorry I don't have exact location handy, but I'm sure its there.
> 
> From: McNutt, Justin M. [mailto:McNuttJ at missouri.edu]
> Sent: Tuesday, March 08, 2011 05:02 PM
> To: freeradius-users at lists.freeradius.org <freeradius-users at lists.freeradius.org>
> Subject: Secondary LDAP server
> 
> One of my virtual servers uses LDAP auth.  However, it isn't clear to me if modules/ldap can be configured with a secondary LDAP server, should the primary fail to respond.  The group that provides the LDAP server can't set up multiple servers behind a load balancer due to cert issues, so I'm looking for a way to add a failover LDAP server to the RADIUS configuration.
> 
> What's the easiest/best/recommended way to do something like this?  Can modules/ldap be configured this way, or should I create a modules/ldap2 (or similar) and call it somehow?
> 
> Suggestions welcome.
> 
> Thanks!
> 
> Justin McNutt
> Network Systems Analyst - Ninja
> DNPS, Mizzou Telecom
> (573) 882-5183
> 


Look at redundant, load-balance and redundant-load-balance in
"man unlang". It goes over how to set this up and yes you will
need to set up an ldap2.

Cheers,
Ken



More information about the Freeradius-Users mailing list