I've been reading the docs regarding failover and I'm not sure if the following
is correct. It seems to process an extra query.
group {
redundant {
ldap1-primary
ldap1-failover
}
fail = 1
ok = return
redundant {
ldap2-primary
ldap2-failover
}
}
The intent is that if the user is not found in ldap1, then ldap2 is tried.
Ldap2 should be skipped if ldap1 returns ok. In each block the failover should
be tried if the primary doesnt respond.
The failover works, but it seems that the ldap2 is tried even if ldap1 finds
the user. Am I missing something?
Regards,
-John Doppke
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
