On 12/27/2014 01:19 AM, Prashant Bapat wrote:
I'm trying to implement FreeIPA for Users and SSH pub keys management
in our infra. We have a setup that spans multiple geographies. What we
are thinking is something like below.
1. Have 2 full FreeIPA servers with multi master replicas in one region.
2. In other regions just have a LDAP read-only replica.
3. Use the AuthorizedKeysCommand in SSH to look for a users pub key in
the respective region's LDAP.
Has anyone tried something on these lines?
Please share your experiences.
IPA does not support read only replicas at this time.
This would be a significant effort that we probably would not have time
to focus on till 2016-2017.
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project