On 12/27/2014 01:19 AM, Prashant Bapat wrote:
Hi All,

I'm trying to implement FreeIPA for Users and SSH pub keys management in our infra. We have a setup that spans multiple geographies. What we are thinking is something like below.

1. Have 2 full FreeIPA servers with multi master replicas in one region.
2. In other regions just have a LDAP read-only replica.
3. Use the AuthorizedKeysCommand in SSH to look for a users pub key in the respective region's LDAP.

Has anyone tried something on these lines?

Please share your experiences.


IPA does not support read only replicas at this time.
This would be a significant effort that we probably would not have time to focus on till 2016-2017.

Thank you,
Dmitri Pal

Sr. Engineering Manager IdM portfolio
Red Hat, Inc.

Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project

Reply via email to