Failover with Active Directory

Robert Miller miller.robertw at outlook.com
Mon Aug 17 08:16:35 CEST 2020


Hello all,

I have been doing a lot of research and reading to set up freeradius to work with my situation. The final issue I'm not able to solve is failover. It seems when I test by disabling the network card on one of my Active Directory servers, freeradius no longer works correctly. When watching the debug it is usually super quick, but when one AD is down the debug is really slow. I believe that it being slow is the reason why the authorizations fail: they time out. As soon as I bring either one of the downed ADs back online it works well.

In both default and inner-tunnel I have failover set up like this:

authorize {
    redundant {
        ldap1
        ldap2
    }
}

I have also set up ldap1 and ldap2

pool {
start = 0

My end goal with freeradius is to use AD for authorization, then freeradius will do the authentication. I have one policy set up to find allowed groups for the user.

CentOS 8 with Freeradius 3.0.17

Thanks,
Rob


