Thanks Dusty. I just implemented your suggestions and it's working very well.
Once again I am pleasantly surprised by the flexibility of FreeRADIUS. Great job! Jason > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of Dusty Doris > Sent: Wednesday, July 13, 2005 4:53 PM > To: FreeRadius users mailing list > Subject: RE: FreeRADIUS v1.0.4, rlm_ldap module, and redundancy > > > > > > > You're using the LDAP-Group attribute, which is set to use svr1, > > > which is down. There's currently no fail-over for the LDAP-Group > > > attribute. > > > > > > > I dig, that's kind of what I thought (even if I didn't word > it correctly). > > Thanks for your help! > > > > You can simulate redundancy for the Ldap-Group attribute, by > doing this. > > Instantiate your ldap modules in radiusd.conf. > > instantiate { > srv1 > srv2 > srv3 > } > > In users file, add multiple lines of the same ldap-group > lookup, for each > srv. > > For example, say you must have ldap-group of dial if coming > from a dial > huntgroup. > > DEFAULT Huntgroup-Name == dial, srv1-Ldap-Group == dial > > DEFAULT Huntgroup-Name == dial, srv2-Ldap-Group == dial > > DEFAULT Huntgroup-Name == dial, srv3-Ldap-Group == dial > > What will happen is if the huntgroup matches, then the server > will lookup > on the srv1 instance if ldap-group = dial. If so, it matches and the > users file ends. If not, it continues down the file, where > it will then > try srv2. If that fails, it continues to srv3. > > So, if one and two are down, then this will require 3 > different lookups to > finally get to srv3, but it will provide you with some type > of redundancy. > > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html