On Wed, Mar 18, 2015 at 01:11:44PM -0400, Rob Crittenden wrote:
> On Wed, Mar 18, 2015 at 17:40:19 +0100, Andrew Holway wrote:
> > 
> > Im wondering how we should be handing SSSD for redundant configurations
> > on our freeipa clients. We have three freeipa servers; how can we make
> > SSSD check another freeipa in the event that one goes down?
> > 
> > [...]
> > 
> > ipa_server = _srv_, test-freeipa-2.cloud.domain.de
> 
> _srv_ tells SSSD to check DNS for SRV records. The trailing server gives
> it a hardcoded fallback in case DNS fails for some reason. Their current
> configuration is correct.

However, it does not set priority for the preferred IPA server which
can be useful if they are in different geos and by default you want
the traffic to go to the local server. In that case

        ipa_server = test-freeipa-2.cloud.domain.de, _srv_

might actually be preferred.

-- 
Jan Pazdziora
Principal Software Engineer, Identity Management Engineering, Red Hat

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to