[RADIATOR] hook for detecting directory connection problems

Hugh Irvine hugh at open.com.au
Fri Sep 12 02:57:44 CDT 2008 

Hello Barry -

I suppose you could use a PostAuthHook to check if the authentication  
result is "Ignore" and if so send some mail.

See the example hooks in "goodies/hooks.txt" and "Radius/Util.pm->sub  
sendMail()".

Radiator itself does not use this routine internally - it is there  
for special purposes such as this - test thoroughly and use with  
caution.

Please let me know how you get on.

regards

Hugh


On 12 Sep 2008, at 08:53, Barry Ard wrote:

> Thanks Hugh, I guess I didn't explain myself very well. I have  
> omitted the HoldServerConnection parameter and tweaked the Timeout  
> and FailureBackoffTime parameters but as I don't control the ldap  
> servers and we experience connection failures which result in the  
> FailureBackoffTime to be triggered I was just looking for a  
> mechanism to alert us to this situation (So we can alert the group  
> in charge of ldap prior to our helpdesk receiving complaints from  
> users). Once the ldap server connection fails they don't recover  
> and whatever we set for FailureBackoffTime doesn't matter.  
> Something like a LDAPConnectionHook would easily address this  
> situation but I am up for other suggestions but hopefully something  
> more elegant than scan the log files.
>
> Hugh Irvine wrote:
>>
>> Hello Barry -
>>
>> You can control whether or not the AuthBy LDAP2 clause uses  
>> persistent connections or not with the "HoldServerConnection"  
>> parameter.
>>
>> And you can control the Timeout and FailureBackoffTime with those  
>> parameters.
>>
>> See sections 5.36.17, 5.36.19 and 5.36.20 in the Radiator 4.3.1  
>> reference manual ("doc/ref.pdf").
>>
>> regards
>>
>> Hugh
>>
>>
>>
>> On 12 Sep 2008, at 00:16, Barry Ard wrote:
>>
>>> Hello,
>>> We are having problems with ldap directory connections failing  
>>> and need to quickly detect the failures. The directory servers  
>>> are run by a different group which have been slow to address the  
>>> problems. The environment consists of a cluster of directory  
>>> servers and we are told not to use persistent connections because  
>>> of this. I am thinking a hook that would be processed when a  
>>> connection fails and then FailureBackoffInterval is used would be  
>>> perfect. Other suggestions are also welcome of course.
>>>
>>> Barry
>>>
>>> _______________________________________________
>>> radiator mailing list
>>> radiator at open.com.au
>>> http://www.open.com.au/mailman/listinfo/radiator
>>
>>
>>
>> NB:
>>
>> Have you read the reference manual ("doc/ref.html")?
>> Have you searched the mailing list archive (www.open.com.au/ 
>> archives/radiator)?
>> Have you had a quick look on Google (www.google.com)?
>> Have you included a copy of your configuration file (no secrets),
>> together with a trace 4 debug showing what is happening?
>> Have you checked the RadiusExpert wiki:
>> http://www.open.com.au/wiki/index.php/Main_Page
>>
>
>
> -- 
> =================================================================
> Barry Ard                                   barry.ard at ualberta.ca
> Network Operations
> Academic Information and Communication Technologies (AICT)
> University of Alberta
> Edmonton, Alberta   Canada
>
> This communication is intended for the use of the recipient to  
> which it
> is addressed, and may contain confidential, personal, and/or  
> privileged
> information.  Please contact us immediately if you are not the  
> intended
> recipient of this communication.  If you are not the intended  
> recipient
> of this communication, do not copy, distribute, or take action on it.
> Any communication received in error, or subsequent reply, should be
> deleted or destroyed.



NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
Have you checked the RadiusExpert wiki:
http://www.open.com.au/wiki/index.php/Main_Page

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

More information about the radiator mailing list