redundant ldap configuration

Polish pavel.polacek at ujep.cz
Wed Dec 11 23:20:54 CET 2013


 	Hello,

   I tried to set up redundant ldap on the latest git version of FR3.

The ldaps are defined in module ldap:
ldap ldap1 {
   ...
}

ldap ldap3 {
   ...
}

The default and inner-tunnel sites are changed from ldap to
redundant {
   ldap1
   ldap3
}

If the connections to ldap are established, fr returns "Login OK" and 
eapol_test SUCCESS.

If some ldap connection is down, fr returns "Login OK", but eapol_test 
is trying to resend requests (in the freeradius log I see "Discarding duplicate 
request from client test port 36732 - ID: 11 due to unfinished request").

In debug, "freeradius -fxx -l stdout" returns Login incorrect, and 
eapol_test failed immediately:

(9)   redundant redundant {
(9) ERROR: ldap1 : All ldap connections are in use
(9)    [ldap1] = fail
(9) ERROR: ldap3 : All ldap connections are in use
(9)    [ldap3] = fail
(9)   } # redundant redundant = fail
(9)  } #  authorize = fail

LDAP server is eDirectory.

Thank you for any tips,
Pavel Polacek

