multiple ldap instances, which instance is used for searching?
Martin Kraus
lists_mk at wujiman.net
Wed Jul 3 18:34:47 CEST 2013
Hi.
I had to create 3 instances for the ldap module. One is the default
ldap {
}
and then I got two named
ldap ldap-eduroam {
}
ldap ldap-netdefault {
}
I'm using the two named for doing attribute pulling in post-proxy.
Now my setup stopped working because suddenly ldap-eduroam was checking for
groups when matching Ldap-Group. I was under the impression that when not
specificed with ldap-eduroam-Ldap-Group the default ldap entry would be used.
I had to instantiate the ldap modules in a special order
instantiate {
ldap-eduroam
ldap-netdefault
ldap
}
so the ldap instance would take over again. Is this an expected behaviour?
Will this solution hold or should I name the ldap instance as well and use
the name-Ldap-Group everywhere?
thanks
mk
More information about the Freeradius-Users
mailing list