[Freeipa-users] how to force switch to another kdc
Jakub Hrozek
jhrozek at redhat.com
Tue Jan 5 07:14:08 UTC 2016
On Tue, Jan 05, 2016 at 12:16:48AM +0100, Karl Forner wrote:
> Hello,
>
> My freeipa master has crashed, and I have a replica running.
> The problem is that I can not use anymore the webapps on my main server
> which use a kerberos authentication since my server will not switch to the
> kdc on my replica.
As long as the authentication is done via sssd this should happen
automatically, but you can send USR1 followed by USR2 to sssd to force
going offline and back online. It would be nice to look into the logs,
though, to see why wouldn't sssd fail over itself.
>
> I remember that someone replied me on this list about that problem, but I'd
> like to konw if there's something I can do besides rebooting my main server
> ?
>
> freeipa 4.3
>
> sssd 1.12.5-1 running on ubuntu 14.04
>
> Thanks.
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
More information about the Freeipa-users
mailing list