This is a discussion on RE: Two LDAP-Servers within the FreeRADIUS Users forums, part of the Networking and Network Related category.
Hi,

isn't this a typo??

    autztype LDAP {

should be AUTHTYPE???

Regards,
Edvin

-----Original Message-----
From: freeradius-users-admin@lists.freeradius.org [mailto:freeradius-users-admin@lists.freeradius.org] On Behalf Of freeradius
Sent: Monday, 18 April 2005 13:34
To: freeradius-users@lists.freeradius.org
Subject: Two LDAP-Servers

Hello,

I tried to implement freeradius 0.8 with two LDAP servers for authentication.
I want freeradius to check the one LDAP server first; if the user is not found, the other server should be asked.
But the second server will only be used by the radius-server if the first server is unreachable. If the user is not found in server ldap1, freeradius says:

    rlm_ldap: object not found or got ambiguous search result
    ldap_release_conn: Release Id: 0
    modcall[authenticate]: module "ldap1" returns notfound
    modcall: group authtype returns notfound
    auth: Failed to validate the user.

Can anyone help me?

Best regards
chris

_____________________________________________

ldapconfig in "radiusd.conf":

    ldap ldap1 {
        server = "sldap1.mydomain.de"
        identity = "cn=user,o=level1"
        password = ""
        basedn = "o=level1"
        filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
        start_tls = no
        dictionary_mapping = ${raddbdir}/ldap.attrmap
        ldap_connections_number = 5
        password_attribute = userPassword
        timeout = 4
        timelimit = 3
        net_timeout = 1
        notfound = 1
    }

ldapconfig in radiusd.conf:

    ldap ldap2 {
        server = "sldap2.mydomain.de"
        identity = "cn=user,o=level1"
        password = ""
        basedn = "o=level2"
        filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
        start_tls = no
        dictionary_mapping = ${raddbdir}/ldap.attrmap
        ldap_connections_number = 5
        password_attribute = userPassword
        timeout = 4
        timelimit = 3
        net_timeout = 1
        notfound = 1
    }

    authorize {
        preprocess
        chap
        mschap
        suffix
        files
        autztype LDAP {
            redundant {
                ldap1
                ldap2
                notfound = 1
            }
        }
    }

    authenticate {
        authtype PAP {
            pap
        }
        authtype CHAP {
            chap
        }
        authtype MS-CHAP {
            mschap
        }
        unix
        authtype LDAP {
            ldap1
            ldap2
        }
    }

    preacct {
        preprocess
        suffix
        files
    }

file "user" contains:

    DEFAULT Auth-Type := LDAP
            Fall-Through = 1

    DEFAULT Service-Type == Framed-User
            Framed-IP-Address = 255.255.255.254,
            Framed-MTU = 576,
            Service-Type = Framed-User,
            Fall-Through = Yes

    DEFAULT Framed-Protocol == PPP
            Framed-Protocol = PPP,
            Framed-Compression = Van-Jacobson-TCP-IP

    DEFAULT Hint == "CSLIP"
            Framed-Protocol = SLIP,
            Framed-Compression = Van-Jacobson-TCP-IP

    DEFAULT Hint == "SLIP"
            Framed-Protocol = SLIP

- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html