On Wed, Mar 18, 2015 at 01:11:44PM -0400, Rob Crittenden wrote:
> On Wed, Mar 18, 2015 at 17:40:19 +0100, Andrew Holway wrote:
> > Im wondering how we should be handing SSSD for redundant configurations
> > on our freeipa clients. We have three freeipa servers; how can we make
> > SSSD check another freeipa in the event that one goes down?
> > [...]
> > ipa_server = _srv_, test-freeipa-2.cloud.domain.de
> _srv_ tells SSSD to check DNS for SRV records. The trailing server gives
> it a hardcoded fallback in case DNS fails for some reason. Their current
> configuration is correct.
However, it does not set priority for the preferred IPA server which
can be useful if they are in different geos and by default you want
the traffic to go to the local server. In that case
ipa_server = test-freeipa-2.cloud.domain.de, _srv_
might actually be preferred.
Principal Software Engineer, Identity Management Engineering, Red Hat
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project