Re: freeradius and 2 ldap servers

Thu, 27 Apr 2006 21:39:03 -0700

Hey,

Thanks for your reply. After doing that, im getting some other error message like this..

modcall[authorize]: module "ldap_primary" returns ok for request 5
modcall: leaving group redundant  (returns ok) for request 5
  rlm_eap: EAP packet type response id 5 length 71
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 5
modcall: leaving group authorize (returns updated) for request 5
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 5
  rlm_eap: Request not found in the list
rlm_eap: Either EAP-request timed out OR EAP-response to an unknown EAP-request
  rlm_eap: Failed in handler
  modcall[authenticate]: module "eap" returns invalid for request 5
modcall: leaving group authenticate (returns invalid) for request 5
auth: Failed to validate the user.

Any idea ??

On 4/28/06, Terry J Fike Jr <[EMAIL PROTECTED] > wrote:
Okay, i'm probably being a little dense here but just wanted to check
i'm understanding this correctly.

if i'm running 2 ldap servers; in the users file, do i need a default
entry for each ldap server?

for example:
moving from a line like this with a single ldap server:

DEFAULT Huntgroup-Name == People, Ldap-Group == dial, User-Profile :=
"uid=dial,ou=profiles,ou=radius,dc=mtaonline,dc=net", Ldap-UserDN :=
`uid=%{User-Name},ou=People,dc=mtaonline,dc=net`
         Fall-Through = no

to two lines like this:

DEFAULT Huntgroup-Name == People, Ldap_primary-Ldap-Group == dial,
User-Profile := "uid=dial,ou=profiles,ou=radius,dc=mtaonline,dc=net",
Ldap-UserDN := `uid=%{User-Name},ou=People,dc=mtaonline,dc=net`
         Fall-Through = no

DEFAULT Huntgroup-Name == People, Ldap_secondary-Ldap-Group == dial,
User-Profile := "uid=dial,ou=profiles,ou=radius,dc=mtaonline,dc=net",
Ldap-UserDN := `uid=%{User-Name},ou=People,dc=mtaonline,dc=net`
         Fall-Through = no

assuming your ldap instatiations are ldap_primary and ldap_secondary
respectively.

thanks in advance
t-

--
Terry J Fike Jr
System Administrator
MTA Solutions
907-793-4100
[EMAIL PROTECTED]
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html 

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to