Aljaž Srebrnič wrote:
>> On 23 Jan 2018, at 14:44, Rob Crittenden via FreeIPA-users
>> <
>> <>> wrote:
>> But why?
>> Is it because the hardware is so cheap? Is it better/easier/cheaper than
>> running it in a VM on an existing box? Is it merely for the "fun" factor
>> (and I'm not disparaging it, I do lots of things just to see if it can
>> be done).
>> rob
> There are a couple of applications actually, I’m currently trying to
> build an access control system based on an IPA replica that runs *on*
> the door, using the existing replication mechanisms. This way, even if
> networking is down, as long as the door has power, I can open it.

This is great feedback, thanks.

You might be able to get away with an IPA client in this case. sssd will
cache credentials. This wouldn't cover the case where someone hasn't
used the door yet, power goes off, and they need to open it though.

I suspect that running without a CA is much more viable, but 389-ds can
be resource-intesive as well depending on how many entries you have.

FreeIPA-users mailing list --
To unsubscribe send an email to

Reply via email to