I tried these methods and none of them really worked effectively against a
defective LDAP server. The best solution I found was a decent load balancer
with LDAP server availability testing..
--
Leigh
On 17 Dec 2010, at 22:24, Heikki Vatiainen wrote:
> On 12/17/2010 11:29 PM, Christian Kratze
On 12/17/2010 11:29 PM, Christian Kratzer wrote:
>> one more quick question. What is the behavior of AuthBy LDAP2 with a
>> round-robin DNS entry (multiple A records for the RR)? If I'd like
>> failover behavior, will a single Host declaration with a round-robin
>> record be enough, or do I need
On 12/17/2010 11:06 PM, Andrew Clark wrote:
> I've just got a simple question about a PostSearchHook when an AuthBy
> LDAP2 experiences a server timeout. I know that AuthBy will return an
> IGNORE, but is the PostSearchHook skipped or does it still execute?
It does not execute. When the search t
Hi,
On Fri, 17 Dec 2010, Andrew Clark wrote:
> Hi,
>
> one more quick question. What is the behavior of AuthBy LDAP2 with a
> round-robin DNS entry (multiple A records for the RR)? If I'd like
> failover behavior, will a single Host declaration with a round-robin
> record be enough, or do I nee
Hi,
one more quick question. What is the behavior of AuthBy LDAP2 with a
round-robin DNS entry (multiple A records for the RR)? If I'd like
failover behavior, will a single Host declaration with a round-robin
record be enough, or do I need to list out each individual LDAP
server?
Load-balancing
Hello,
I've just got a simple question about a PostSearchHook when an AuthBy
LDAP2 experiences a server timeout. I know that AuthBy will return an
IGNORE, but is the PostSearchHook skipped or does it still execute?
--
Andrew D. Clark
Network Operations Engineer
University of Minnesota, Networki
Hi Gerard,
You are totally right - this hack won't survive any updates.
A config based solution would definitely be preferred.
You are right as well with the handler - at least a valid
client handler will be needed in order to accept a request
(or default handler will probably do it as well).
C
Hi Remo,
thank you for your solution.
This reminds me that I did something similar for an old version of
Radiator but after upgrading I forgot to add this hack.
If nobody can give an alternative I'll add your solution. But a config
solution would be better because we wouldn't need to remember t
Hi Gerard,
I had the same goal but I simply did a small change in Client.pm (look for this
code snippet: "if ($code eq 'Status-Server')").
There I just add a small if clause to ensure that only requests from the
localhost were accepted. Something like this: "if ($self->{Name} ==
"127.0.0.1") {
Hi,
I'm trying to control the Status-Server requests. My goal is just to
permit the querying of my radius status only by some clients.
My first handler in the configuration is this one below, but no request
matches it.
Filename/dev/null
# StripFromReply Reply
10 matches
Mail list logo
