[Freeipa-users] errors when one ipa server down
Rob Crittenden
rcritten at redhat.com
Mon Sep 10 15:11:06 UTC 2012
Simo Sorce wrote:
> On Mon, 2012-09-10 at 16:36 +0200, Sumit Bose wrote:
>> What about defining a task in the SSSD krb5 provider instead of
>> pinging
>> it from the locator plugin. The task can run at a configurable
>> interval
>> or never and checks if the current KDC is available. If not it tries
>> the
>> next until it goes offline if no reachable KDC can be found and
>> updates
>> or deletes the info file for the locator plugin..
>>
>> This leave us with the question how to ping a KDC properly, but this
>> we
>> have to find out for either case.
>>
> I am not a fan of generating load for the KDC unnecessarily.
>
> Simo.
>
I tend to agree but this can be a real pain to debug because depending
on the current state of sssd you have to either check krb5.conf or the
sssd locator to see what KDC is configured.
rob
More information about the Freeipa-users
mailing list