Currently, we operate three separate IPA instances across different
domains, each separated by firewalls. Since we require a unified user
and group base across all of them, managing this setup has become quite
cumbersome.
Would it be feasible to consolidate everything into a single IPA
instance serving all three domains? I'm aware of features like IPA
locations and the ability to configure additional realms, but would
those be sufficient?
In my opinion, one possible approach might be to set up a central IPA
environment with four servers, complemented by "satellite" replicas in
each domain. These could be prioritized by clients within their
respective networks using the locations feature.
@ipa-devs – I’d appreciate your insights on this!
Cheers,
Ronald
--
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
