Jeffrey Collyer wrote: > So I moved my ldap lookup configuration from the authorize section of > the sites-enabled/default file into the inner-tunnel file. But I still > see the same number of ldap queries per eap session.
Then it's still doing LDAP lookups in the "default" virtual server. Or, you have LDAP-Group checks in the "default" virtual server. > Next I tried to enable the cache section in the eap.conf for tls, but I > have not seen that make any difference in the ldap calls. And from the > comments I assume that just for session resumption, not initial > authentication. Yes. > Could someone give me a pointer/hint as to how to configure eap/ldap to > cut down on the number of ldap queries. Any help greatly appreciated. The default configuration does *not* do LDAP lookups. So... use the default config, and then enable LDAP lookups in the "inner-tunnel". Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
