jeff donovan wrote:
> I'm new to radius but have been reading.

  That's always positive.

> How can I search an alternate LDAP server for user credentials?
> If the first LDAP search fails try the next server in line. 

  Do you mean "fail" or "notfound"?  They're different...

> I found some documentation-
> * http://freeradius.org/radiusd/doc/ldap_howto.txt does not mention a
> second server.
> * http://freeradius.org/radiusd/doc/configurable_failover explains the
> redundant setup for sql accounting.

  See also "man unlang".  It explains this in more detail.

> So far I tried adding the second ldap server, its info is read during
> module load -- no errors. The problem is, only one of the ldap systems
> contains the correct info. So one WILL fail and the other will pass.
> With that being said, how do I configure my server to pass if either
> system returns "ok"? Currently it will fail even if one LDAP system
> returns good.

  That's because you're using a "redundant" block.  It treats "notfound"
as "LDAP server is still up", and it doesn't fail over to the next one.
 Because there was no failure!

> authorize {
> ...
>     redundant {
>         ldap1
>         ldap2
>     }

  Change that to:

        ldap1
        if (notfound) {
                ldap2
        }

  And it will work.

  Alan DeKok.
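
An added configuration example, not part of the original post: the fix above extended so that ldap2 is also tried when ldap1 is unreachable ("fail"), not only when it returns "notfound". It assumes the module instances are named ldap1 and ldap2 as in the question, and uses the per-module return-code overrides described in doc/configurable_failover.

```unlang
authorize {
    # ... other modules as before ...

    # Inside "redundant", only "fail" moves on to the next module. Every
    # other return code, "notfound" included, ends the block, so the
    # servers are queried in sequence here instead.
    ldap1 {
        # By default "fail" ends processing of the authorize section.
        # Priority 1 lets processing continue so the condition below runs.
        fail = 1
    }

    # Try the second directory when the first was down or lacked the user.
    if (fail || notfound) {
        ldap2
    }
}
```

Running the server in debug mode (radiusd -X) shows the return code of each module, which confirms whether ldap2 was consulted for a given request.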