ldap redundancy & Ldap-Group checkItem in user file
Fred
fred.maison at gmail.com
Mon Jan 25 17:32:13 CET 2010
ldap redundancy & Ldap-Group checkItem in user file
Hi all,
I try to migrate a freeradius 1 (where ldap failover was not working)
to freeradius 2 and I have some difficulties to configure LDAP
failover :
As Ldap-Group is registered with individual ldap instances name, (ei
ldap1-Ldap-Group & ldap2.Ldap-Group), it seems to be necessary to
reference ldap servers twice in users file checkItems :
ldap1-Ldap-Group == xyz
ldap2-Ldap-Group == xyz
.....
I don't see how to make freeradius register to somethink like ldapRedundant.
Is there any way to do that ?
Despite those attributes are instanciated, I can't have them checked
in file users
Ldap-Group were checked previously via files, users and huntgroups like this :
# users :
DEFAULT Huntgroup-Name == ras, NAS-Port-Type == Virtual , Ldap-Group
== ras, User-Profile :=
"uid=ras,ou=profiles,ou=radius,dc=mydomain,dc=local"
Fall-Through = no
DEFAULT Huntgroup-Name == ras, Service-Type == Login , Ldap-Group ==
ras, User-Profile :=
"uid=login,ou=profiles,ou=radius,dc=mydomain,dc=local"
Fall-Through = no
# huntgroups
ras NAS-IP-Address == 10.1.1.1
login NAS-IP-Address == 10.1.1.1
ras NAS-IP-Address == 10.1.2.1
login NAS-IP-Address == 10.1.2.1
ras NAS-IP-Address == 10.1.3.1
login NAS-IP-Address == 10.1.3.1
freeradius -X
FreeRADIUS Version 2.1.8 ......
rlm_ldap: Registering ldap_groupcmp for Ldap-Group
rlm_ldap: Creating new attribute ldap1-Ldap-Group
......
rlm_ldap: Registering ldap_groupcmp for Ldap-Group
rlm_ldap: Creating new attribute ldap2-Ldap-Group
....
Best regards,
Fred MAISON
More information about the Freeradius-Users
mailing list