Delayed bind options?
Franks Andy (IT Technical Architecture Manager)
Andy.Franks at sath.nhs.uk
Mon Jun 29 18:03:36 CEST 2015
Hi all,
Am using freeradius 3.1.0 (compiled from source).
Is there any way with this versions (or previous) to prevent the initial bind to at least ldap and/or mysql databases when the service starts?
The situation is that sometimes a resource that is initially bound (one of our 5 AD servers for example) is unavailable, which prevents being able to restart the freeradius service. If we do, it will not start. If the resource isn't around when the service is already started, it doesn't cause too many issues since we use redundant-load-balance etc features on that module or just force-allow a connection failure, so that failure to write logging information to a DB doesn't cause rejection.
I've hit this happen a couple of times, and since we're looking to relocate some AD servers with expected downtime I'd rather avoid the risk. I could remove the configuration for that server on each FR box, but it's a bit of a job as we have quite a few now.
I did search for 30mins or so, but it didn't turn much up, so apologies if I've overlooked the most heavily documented feature going..
Thanks
Andy
More information about the Freeradius-Users
mailing list