FreeRADIUS v1.0.4, rlm_ldap module, and redundancy
Dusty Doris
freeradius at mail.doris.cc
Wed Jul 13 22:47:41 CEST 2005
On Wed, 13 Jul 2005, Zawacki Jason D Ctr AFRL/IFOS wrote:
> Hey folks,
>
> Has anyone gotten redundancy working when using LDAP to perform
> authentication and authorization?
Yep, its working for me in the lab.
>
> I've been trying to get this to work, but it appears, to me, that the
> redundancy is only used for part of the auth process. When looking up the
> DN for the user who is trying to authenticate, redundancy works. After that
> though, it appears that only the first module in the redundant list is
> tried. Then it ultimately fails. The LDAP servers are 3 Windows DCs.
>
> authorize {
> redundant {
> svr1
> svr3
> svr2
> notfound = return
> }
> files
> }
I usually list files before ldap.
>
> authenticate {
> Auth-Type LDAP {
> redundant { # wasn't sure if this was necessary
> svr1
> svr3
> svr2
> }
> }
> }
>
That is correct.
More information about the Freeradius-Users
mailing list