Redunant result=action problem

Alan DeKok aland at deployingradius.com
Thu Dec 1 15:45:26 CET 2016


On Dec 1, 2016, at 3:40 AM, matus2 <matus2 at ynet.sk> wrote:
> I have a small issue with ldap redundancy configuration.
> 
> My goal is to set up ldap1 and ldap2 module redundancy( if first of
> listed module fail) with handling return action 'userlock'.
> 
> I have followed page http://wiki.freeradius.org/config/Fail-over which
> describes how to assign group RESULT=ACTION specifiers and configured
> authorize section like this:
> 
> authorize {
>    redundant {
>        ldap1
>        ldap2
>        userlock = 1
>    }

  That doesn't work, and never worked.  You'll not that you are mixing modules and return codes.  You can't do that.  None of the documentation says you can do that.

  If you want to update the priority for the ldap2 module, you can do:

	redundant {
		ldap1
		ldap2 {
			userlock = 1
		}
	}

  Alan DeKok.




More information about the Freeradius-Users mailing list