ldap { fail=1}

Alan DeKok aland at deployingradius.com
Wed Jan 10 15:34:48 CET 2007

jerrrry at voila.fr wrote:
> i'm using freeradius 1.0.1 from Red Hat entreprise 4.

  You SHOULD upgrade:


> I want the radius server to authenticate users thanks to the "users"
> file even if the ldap directory is not reachable and the radius server
> to start even if the DB is not reachable

  That's probably the way the server should work.  Those issues probably
weren't though of when the server was written, as the SQL module works
the same way.

> I tried with  ldap { fail =1}  in the authorize section   and sql { fail
> = 1 } in the instantiate section without any success.
> "fail" doen't seem to be know.

  No, it doesn't work in the "instantiate" section.  It could, though.
It's a good idea, and one I hadn't thought of.

  An alternative would be to update the LDAP module to NOT bind at
startup, and do it only when a request came in.  That would help, too.

  Alan DeKok.
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog

More information about the Freeradius-Users mailing list