Daniel Oakes daniel at
Tue Apr 7 04:36:00 CEST 2020

As per subject – trying to setup redundant-load-balance (or even redundant – don’t care as long as it works).

Line 157 was ‘ldap’

So just wanting some redundancy in the ldap module (as I’m finding freeipa is being arse sometimes and failing to respond, so I want to go to other one of the pair).

I’m going down a rabbit hole in trying to edit stanzas without understanding the implications.

I ended up in a point where it got further, but now I’m not getting an expansion of the ldap group:

elsif ("%{control:LDAP-Group[*]}" =~ /operations/) { etc


From: Freeradius-Users < at>
Date: Tuesday, 7 April 2020 at 12:02 PM
To: FreeRadius users mailing list <freeradius-users at>
Subject: Re: Redundant-load-balance
On Apr 6, 2020, at 7:08 PM, Daniel Oakes <daniel at> wrote:
> So I’ve tried, but failed to get this working – I’m sure someone can point me in the right direction (or a sledgehammer…).
> So I changed mods-enabled/ldap to have two entries


> Modified sites-enabled/inner-tunnel to:


> And tried variations based on finding things in the freeradius mailing lists but I can’t seem to get it working.
> Output from debug generally gives me:
> /etc/raddb/sites-enabled/inner-tunnel[157]: Failed to find "ldap" as a module or policy.

  So... what's on line 157 of that file?

> /etc/raddb/sites-enabled/inner-tunnel[157]: Please verify that the configuration exists in /etc/raddb/mods-enabled/ldap.
> /etc/raddb/sites-enabled/inner-tunnel[48]: Errors parsing authorize section.
> What secret sauce ingredient am I missing?  I’ve tried defining, including use instantiate etc, but just can’t get a working scenario.

  To do... what?

  Alan DeKok.

List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list