[RADIATOR] Seeking clarification on AuthBy LDAP2 PostSearchHpok

Heikki Vatiainen hvn at open.com.au
Fri Dec 17 15:41:12 CST 2010


On 12/17/2010 11:06 PM, Andrew Clark wrote:

> I've just got a simple question about a PostSearchHook when an AuthBy
> LDAP2 experiences a server timeout.  I know that AuthBy will return an
> IGNORE, but is the PostSearchHook skipped or does it still execute?

It does not execute. When the search terminates due to a timeout, you
should see something like this in the log:

ERR, "ldap search for $filter failed with error LDAP Timeout.
ERR, "Disconnecting from LDAP server (server $server:$port)

After the disconnect ERR, the search returns and the hook is not run.

In other words: the hook is only run if the results were received
without an error. MaxRecords controls how many results are examined, if
there are multiple results, and the hook runs for each result.

Does this sound like what you were expecting?

Thanks!

-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.


More information about the radiator mailing list