Sorry for formatting. On Sep 11, 2019, at 23:15 PM Alan DeKok <aland@deployingradius.com> wrote: Yes. How do you expect to use LDAP-Group when there's no ldap module? The conditional modules are a simple hack for simple things. If you need complex changes, edit the configuration files. I expected this attribute to be ignored if the module is not loaded, the condition will not be met or will be skipped and the check will return a reject. Edit the configuration files. Why are you dynamically loading LDAP-Group when you aren't using ldap? You should create a configuration that works. There's no point in creating a configuration that's broken, and then trying to make the server skip portions of it. I am trying to create a configuration of virtual server with many access checks combining different modules and i think that enabling/disabling modules by creating a link is easier than editing configuration file in many places. Maybe checking the condition that the module was loaded would be useful here, but I have not found a way to do this checking using unlang, and I think that it does not exist.