Redunant result=action problem

Alan DeKok aland at
Thu Dec 1 15:45:26 CET 2016

On Dec 1, 2016, at 3:40 AM, matus2 <matus2 at> wrote:
> I have a small issue with ldap redundancy configuration.
> My goal is to set up ldap1 and ldap2 module redundancy( if first of
> listed module fail) with handling return action 'userlock'.
> I have followed page which
> describes how to assign group RESULT=ACTION specifiers and configured
> authorize section like this:
> authorize {
>    redundant {
>        ldap1
>        ldap2
>        userlock = 1
>    }

  That doesn't work, and never worked.  You'll not that you are mixing modules and return codes.  You can't do that.  None of the documentation says you can do that.

  If you want to update the priority for the ldap2 module, you can do:

	redundant {
		ldap2 {
			userlock = 1

  Alan DeKok.

More information about the Freeradius-Users mailing list