Secondary LDAP server

Kenneth Marshall ktm at
Wed Mar 9 14:48:51 CET 2011

On Tue, Mar 08, 2011 at 05:16:35PM -0600, Gary Gatten wrote:
> I'm pretty sure this is discussed, examples, etc in the doc: online and in FR conf files. Sorry I don't have exact location handy, but I'm sure its there.
> From: McNutt, Justin M. [mailto:McNuttJ at]
> Sent: Tuesday, March 08, 2011 05:02 PM
> To: freeradius-users at <freeradius-users at>
> Subject: Secondary LDAP server
> One of my virtual servers uses LDAP auth.  However, it isn't clear to me if modules/ldap can be configured with a secondary LDAP server, should the primary fail to respond.  The group that provides the LDAP server can't set up multiple servers behind a load balancer due to cert issues, so I'm looking for a way to add a failover LDAP server to the RADIUS configuration.
> What's the easiest/best/recommended way to do something like this?  Can modules/ldap be configured this way, or should I create a modules/ldap2 (or similar) and call it somehow?
> Suggestions welcome.
> Thanks!
> Justin McNutt
> Network Systems Analyst - Ninja
> DNPS, Mizzou Telecom
> (573) 882-5183

Look at redundant, load-balance and redundant-load-balance in
"man unlang". It goes over how to set this up and yes you will
need to set up an ldap2.


More information about the Freeradius-Users mailing list