Configuration trouble with fail-over
Alan DeKok
aland at deployingradius.com
Tue Apr 29 16:08:40 CEST 2008
Guillaume Rousse wrote:
> It does. But clarification between what's old and what's new syntax
> doesn't harm.
The new syntax is documented, and is preferred. If you try the old
one (undocumented and deprecated), it works. What needs clarification?
> Right, but that seems to be only a syntax difference, refering to a
> named instance of the LDAP module. One would expect the code to be more
> robust, or at least the problem documented somewhere.
It is very difficult to determine what is *supposed* to happen inside
of an authentication section. if you have suggestions for how to make
that determination, I'm interested.
And the problem is documented: the debug log prints out a warning
message, as you saw.
> If I understand correctly, there no way to help the rlm_module
> understand I'm using it for autentication, as I use a complex synta, so
> I have to set it up explicitely, right ?
Yes.
> In this case, I think this
> deserve some explanation in the rlm_ldap documentation, such as:
> "Warning, if the LDAP module is not directly referenced to in
> authentication section, such as a failover configuration using named
> aliases, this setting will be disabled".
The same problem applies to other modules, so it needs to be
documented in one place.
Alan DeKok.
More information about the Freeradius-Users
mailing list