ggreen@olemiss.edu wrote:
How do you have this setup? Check out
doc/configurable_failover. That
should show you how to do it.
I'm using configurable failover to get it to roll as it is.
From my radiusd.conf file:
[ snip ]
The above problem line should be: rlm_ldap: bind as uid=username, ou=People, dc=university,dc=edu,c=us/test123 to openldap.university.edu:1744 However, it is taking the userdn from the ad server which gave the first authorize ok. What I need is for it to attempt to authenticate with the appropriate userdn depending on which server it is authenticating to. So it would use the userdn from AD authenticating to the AD server and the openldap userdn when authenticating to the openldap server.
For what it is worth, we've seen the same problem here - we applied a local hack to rlm_ldap.c to work around the problem but it isn't a proper fix. --Craig