ldap module for user and mac authentication

Alan DeKok aland at deployingradius.com
Wed Aug 8 16:03:29 CEST 2018

On Aug 7, 2018, at 4:04 PM, Dave Macias <davama at gmail.com> wrote:
> Yes, I had thought of something to the effect of (suggestions welcomed) :
> ...
> But this does not account for the scenario of openldap being dead.

  Unfortunately, the dynamic expansions don't deal well with this kind of problem.

  We're fixing that in v4, but it's hard to do for v3.

> Unless there is a way to query the "live" ldap server which the ldap module
> found %{ldap:ldap://%{live.ldap.server}/...} , if that makes sense

  No, there's no way to do that.  The fail-over in this case is handled by libldap.  So it's completely out of our control.

  Alan DeKok.

More information about the Freeradius-Users mailing list