=?iso-8859-1?Q?Armin_Kr=E4mer?= <[EMAIL PROTECTED]> wrote: > I fired up an second ldap directoy which is replicated by first one. > > My problem is that if i kill ldap1 i cant get an result from ldap2. Bit the > database and directory is the same!
The response of the LDAP server indicates that's not true. > rlm_ldap: search failed > rlm_ldap: ldap_release_conn: Release Id: 0 > modcall[authorize]: module "ldap2" returns notfound for request 0 See? > The second problem is that if both ldap1 an d ldap2 are down the eap-tls > modul which is for authorisation goes on and authenticates the user.. Because the authentication is done via certificates, not by LDAP. > How can i change that that? I want to configure the server,that if > ldap failes the whole process fails and the user is rejected. What > will i have to add to my redundant part? Read doc/configurable_failover. Use the "always" module to return a reject. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html