ldap load-balance

Elias Pereira empbilly at gmail.com
Thu Oct 6 15:19:07 UTC 2022


hello,

return the below error:

/etc/freeradius/mods-enabled/ldap[3]: Failed to link to module
'rlm_ldap-dc3': /usr/lib/freeradius/rlm_ldap-dc3.so: cannot open shared
object file: No such file or directory


On Thu, Oct 6, 2022 at 12:18 PM Michael Schwartzkopff <ms at sys4.de> wrote:

> On 06.10.22 15:57, Elias Pereira wrote:
> > hi,
> >
> > Thanks for the reply!!!
> >
> > I have a post-auth to direct the user to a specific vlan.
> >
> > It would look like this?
> >
> > redundant-load-balance {
> >          ldap-dc3
> >          ldap-dc4
> >     }
> >
> >
> > #  Auth-Type LDAP {
> > #     ldap
> > #  }
> >
> >     eap
> >
> > #  Auth-Type eap {
> > #     eap {
> > #        handled = 1
> > #     }
> > #     if (handled && (Response-Packet-Type == Access-Challenge)) {
> > #        attr_filter.access_challenge.post-auth
> > #        handled  # override the "updated" code from attr_filter
> > #     }
> > #  }
> > }
> >
> > post-auth {
> >     redundant-load-balance {
> >          ldap-dc3
> >          ldap-dc4
> >     }
> >     if (Ldap-Group == "CN=ADM,OU=GRUPOS,OU=CAMPUS,DC=company,DC=net") {
> >                  update reply {
> >                          &Tunnel-Type = VLAN
> >                          &Tunnel-Medium-Type = IEEE-802
> >                          &Tunnel-Private-Group-Id = "51"
> >                  }
> >          }
> >
> >     ...
> >
> >
> > On Thu, Oct 6, 2022 at 10:48 AM Michael Schwartzkopff via
> Freeradius-Users <
> > freeradius-users at lists.freeradius.org> wrote:
> >
> >> On 06.10.22 15:43, Elias Pereira wrote:
> >>> hi,
> >>>
> >>> I was reading the load-balance article on the freeradius wiki and had
> >> some
> >>> doubts.
> >>>
> >>> I have two vms with sambaAD. In mod-enable > ldap I need to configure 2
> >>> entries of the ldap block?
> >>>
> >>> eg:
> >>> ldap1{
> >>> ...
> >>> }
> >>>
> >>> ldap2{
> >>> ...
> >>> }
> >>>
> >>> 2. Is the loadbalance setting done in the file sites-enable > default?
> >>>
> >> hi,
> >>
> >>
> >> with the config above you configured the modules ldap1 and ldap2. You
> >> have to tell your server, i.e. the default server, to use this modules
> >> during authorization.
> >>
> >>
> >> Add something like instead of the default "ldap" statement.
> >>
> >> redundant-load-balance {
> >>       ldap1
> >>       ldap2
> >> }
> >>
> >>
> >> Mit freundlichen Grüßen,
> >>
> >> --
> >>
> >> [*] sys4 AG
> >>
> >> https://sys4.de, +49 (89) 30 90 46 64
> >> Schleißheimer Straße 26/MG,80333 München
> >>
> >> Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
> >> Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
> >> Aufsichtsratsvorsitzender: Florian Kirstein
> >>
> >> -
> >> List info/subscribe/unsubscribe? See
> >> http://www.freeradius.org/list/users.html
> >>
> >
>
> Hi,
>
>
> I don't know about your setup and config. But it looks reasonable.
>
> If it works, it works. Just test it and read the debug output. check if
> the logs make sense and give a reasonable result.
>
>
> Mit freundlichen Grüßen,
>
> --
>
> [*] sys4 AG
>
> https://sys4.de, +49 (89) 30 90 46 64
> Schleißheimer Straße 26/MG,80333 München
>
> Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
> Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
> Aufsichtsratsvorsitzender: Florian Kirstein
>
>

-- 
Elias Pereira


More information about the Freeradius-Users mailing list