tip: note about -sql and -ldap
Alan Buxey
alan.buxey at gmail.com
Mon Apr 17 23:44:29 CEST 2017
hi,
just to remind people, with version 3 of the FreeRADIUS server, a new
feature arrived
which was/is called "Conditional modules".
TL;DR
-sql and -ldap are calls to the SQL and LDAP modules respectively that work
if those modules are configured and enabled
The conditional modules feature is documented in very few locations ,
the main reference source in the configuration files being the
mods-available/README.rst
file (if using a distribution version then I really hope they keep that
file present!)
this can be found online here:
https://github.com/FreeRADIUS/freeradius-server/blob/v3.0.x/raddb/mods-available/README.rst
what this feature means is that as the default server ships, the config
files have a lots of features ready for use but not active. all you need to
do is configure either sql or ldap modules (or both!), link the
mods-available to mods-enabled and then the server will read the module
config, note that SQL and/or LDAP are configured and then automatically use
them - previously if you wanted to use SQL or LDAP, not only did you have
to configure the modules but you then also had to try guessing where to
stick the 'sql' or 'ldap' calls into the configuration - a nice game of
whack-a-mole that many people failed at, sticking the calls into all kinds
of places ;-)
note, as it says in the documentation , not very useful for production
environments because normally by then you will know what modules/options
you want and whether you need/want any of those modules...at which point,
you comment out the non needed stuff and can convert (or would convert )
-sql into sql etc as you know its configured and you want it.
personally, would like to see many other modules become conditional so the
server works out of the box and you just configure the modules/features you
want, then go through removing all the modules not needed (flagged in debug
yellow with "Ignoring module....." ) rather than guessing if something is
needed....a final pass would then convert all remaining -module with
module. et voila! :)
alan
More information about the Freeradius-Users
mailing list