Freeradius 2.1.12 Second LDAP Server

Kevin Bigalke beliarsfire at outlook.com
Thu Sep 12 16:47:24 CEST 2013


Hello,
I'm running a Freeradius Server 2.1.12 on an Ubuntu 13.04 VM. The login with 802.1 works perfectly. I'm using a Windows LDAP server for the login and want to add a second LDAP server for failover. I'm following the tutorials to set up my Freeradius server: *Click*. I can't find a suitable tutorial for adding a second LDAP server for failover. Which files are responsible for the integration of a second LDAP server? These are my current settings:


 
/etc/freeradius/modules/ldap:

ldap ldap1 {
        server = "serv01.xyz.local"
        basedn = "dc=xyz,dc=local"
        filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})"
        ldap_connections_number = 5
        timeout = 4
        timelimit = 3
        net_timeout = 1
        tls {
                start_tls = no
        }
        dictionary_mapping = ${confdir}/ldap.attrmap
        edir_account_policy_check = no
        set_auth_type = no
        keepalive {
                # LDAP_OPT_X_KEEPALIVE_IDLE
                idle = 60
                # LDAP_OPT_X_KEEPALIVE_PROBES
                probes = 3
                # LDAP_OPT_X_KEEPALIVE_INTERVAL
                interval = 3
        }
}
 
ldap ldap2 {
        server = "serv02.xyz.local"
        basedn = "dc=xyz,dc=local"
        filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})"
        ldap_connections_number = 5
        timeout = 4
        timelimit = 3
        net_timeout = 1
        tls {
                start_tls = no
        }
        dictionary_mapping = ${confdir}/ldap.attrmap
        edir_account_policy_check = no
        set_auth_type = no
        keepalive {
                # LDAP_OPT_X_KEEPALIVE_IDLE
                idle = 60
                # LDAP_OPT_X_KEEPALIVE_PROBES
                probes = 3
                # LDAP_OPT_X_KEEPALIVE_INTERVAL
                interval = 3
        }
}
 
/etc/samba/smb.conf:

[global]
        workgroup = XYZ
        dns proxy = no
        security = ads
        password server = serv01.xyz.local
        password server = serv02.xyz.local
        winbind separator = +
 
/etc/freeradius/sites-enabled/inner-tunnel:

authenticate {
        ntlm_auth
        …
 
/etc/freeradius/sites-enabled/default:

authenticate {
        ntlm_auth
        …

/etc/freeradius/users:

DEFAULT         Auth-Type = ntlm_auth

Thanks for Help!
BeliarsFire


More information about the Freeradius-Users mailing list