Redundant LDAP Servers
Jason Traeden
jtraeden at overstock.com
Thu May 8 17:58:47 CEST 2008
Ok, I got it working using the second patch you sent out rlm_ldap.c.diff and
the following config it works.
authorize {
redundant {
ad01 {
fail = 1
ok = return
}
ad02 {
fail = 1
ok = return
}
}
files
}
authenticate {
Auth-Type LDAP {
redundant {
ad01 {
fail = 1
ok = return
}
ad02 {
fail = 1
ok = return
}
}
}
}
DEFAULT Ldap-Group ==
"CN=g.acl.neteng,OU=Groups,OU=OSTK_Accounts,DC=overstock,DC=com"
Auth-Type := Accept,
What I found that was causing the errors
rlm_ldap: Over-riding set_auth_type, as there is no module ad02 listed in
the "authenticate" section.
Was in my users files I was using DEFAULT ad02-Ldap-Group == .....
And I was instantiate the module ad02
Once I stopped instantiate module ad02 and only uses Ldap-Group == ....
Along with the second patch it worked.
Will this patch get incorporated in future releases?
Thanks for all your help.
Jason
--
Jason Traeden
Network Engineer
Overstock.com
6350 South 3000 East
Salt Lake City, UT 84121
jtraeden at overstock.com
Desk 801-947-3889
Cell 801-699-1379
On 5/3/08 2:13 AM, "Alan DeKok" <aland at deployingradius.com> wrote:
> Jason Traeden wrote:
> ...
>> So I do have the authenticate section
>> authenticate {
> ...
>> And I still get the following errors
>> rlm_ldap: Over-riding set_auth_type, as there is no module ad02 listed in
>> the "authenticate" section.
>
> That I can almost understand. But it *also* giving the same complaint
> about "no module ldap...", which *is* listed.
>
>> rlm_ldap: Over-riding set_auth_type, as there is no module ad01 listed in
>> the "authenticate" section.
>>
>> It is acting like the modules ad01 and ad02 are not loading right.
>
> Yes. Give me some time to set up a local LDAP system, and I'll test
> it myself...
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list