Freeradius 2.1.12 Second LDAP Server

Alan DeKok aland at deployingradius.com
Thu Sep 12 17:03:39 CEST 2013


Kevin Bigalke wrote:
> I'm running a Freeradius Server 2.1.12 on an Ubuntu 13.04 VM. The Login
> with 802.1 works perfectly. I'm using a Windows LDAP Server for the
> Login and want to add a second LDAP-Server for a Fail Over. I'm
> following the Tutorials to set up my Freeradius Server:
> <http://deployingradius.com/>. I can't find a suitable Tutorial for
> adding a second LDAP Server for a Fail Over. Which files are responsible
> for the integration of a second LDAP server?

  raddb/modules/ldap

> These are my current Settings:

  That seems reasonable.

> */etc/samba/smb.conf*:

  Which largely doesn't matter for FreeRADIUS.

> */etc/freeradius/sites-enabled/inner-tunnel:*
>  
> authenticate {
> ntlm_auth

  So... you're not using LDAP.

  Let's start from the beginning.  What, exactly, are you trying to do?
What have you done?  Why did you think that would work?

  Be specific.

  In short, you *can't* do LDAP fail-over if you're using ntlm_auth.
That's because ntlm_auth interacts with Samba.  And you have *no* LDAP
configuration in the "authorize" section.  And Samba takes care of
Samba-related fail-overs, so LDAP isn't necessary.

  It's like you're asking for flying lessons, and showing up with a
bicycle.  There's a bit of a disconnect somewhere.

  Alan DeKok.
