Dan Scott wrote:
> On Wed, Jul 14, 2010 at 12:07, Dmitri Pal <d...@redhat.com> wrote:
>> If you use SSSD instead of pam_krb5 then kerberos configuration file is
>> SSSD uses only the SSSD config file.
> Great, thanks.
>>> The /etc/sssd/sssd.conf file contains:
>>> ldap_id_use_start_tls = False
>>> cache_credentials = False
>>> auth_provider = krb5
>>> debug_level = 0
>>> krb5_kpasswd = ldap.example.com:749
>>> ldap_schema = rfc2307bis
>>> krb5_realm = EXAMPLE.COM
>>> ldap_search_base = dc=example,dc=com
>>> chpass_provider = krb5
>>> id_provider = ldap
>>> min_id = 500
>>> ldap_uri = ldap://ldap.example.com/
>>> krb5_kdcip = ldap.example.com:88
>> Shouldn't that be a fileserver1 or fileserver2?
> Well yes it could (should?) be, but I want 'both' so that the
> redundancy works. Can I have 2 krb5_kdcip entries? If I set it to one
> or the other then the redundant server won't work, will it?
> UPDATE: Have just received Jakub Hrozek email (Thanks Jakub). Adding
> fileserver1, fileserver2 appears to have fixed the problem. However,
> this means that I have to edit this file on all clients if I add a new
> IPA server. Is there any way around this?
Engineering Manager IPA project,
Red Hat Inc.
Looking to carve out IT costs?
Freeipa-users mailing list