[Freeipa-users] confused about replica role and use
Karl Forner
karl.forner at gmail.com
Wed Dec 16 18:50:41 UTC 2015
>
> If you do a local login instead of a kinit, you will see that SSSD will
> switch to the new server and subsequent kinit will start using it.
>
Ok, I checked and it works just fine for me, thanks.
This dynamic discovery of freeipa servers by sssd is very elegant and
smart;
but I still do not understand how do you automatically switch to a replica
(ipa2) if your master (ipa1) is down
in some cases:
- to access the freeipa web ui. You have to use an url, e.g.
https://ipa1.example.com
If ipa1 is down, how do you know which url to use ?
- if you have other web apps that authenticate against the freeIPA LDAP
server.
Usually you have to provide a ldap url in the web app configuration, e.g.
ldap://ipa1.example.com.
What happens when ipa1 is down ?
Karl
> This is tracked here:
> https://fedorahosted.org/sssd/ticket/941
>
> Simo.
>
> --
> Simo Sorce * Red Hat, Inc * New York
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20151216/36cc0dfe/attachment.htm>
More information about the Freeipa-users
mailing list