On Fri, Mar 20, 2015 at 11:06:04AM +0100, Jan Pazdziora wrote: > On Wed, Mar 18, 2015 at 01:11:44PM -0400, Rob Crittenden wrote: > > On Wed, Mar 18, 2015 at 17:40:19 +0100, Andrew Holway wrote: > > > > > > Im wondering how we should be handing SSSD for redundant configurations > > > on our freeipa clients. We have three freeipa servers; how can we make > > > SSSD check another freeipa in the event that one goes down? > > > > > > [...] > > > > > > ipa_server = _srv_, test-freeipa-2.cloud.domain.de > > > > _srv_ tells SSSD to check DNS for SRV records. The trailing server gives > > it a hardcoded fallback in case DNS fails for some reason. Their current > > configuration is correct. > > However, it does not set priority for the preferred IPA server which > can be useful if they are in different geos and by default you want > the traffic to go to the local server. In that case > > ipa_server = test-freeipa-2.cloud.domain.de, _srv_ > > might actually be preferred.
Or even better, set the weight and priority fields on the server and keep using SRV resolution :-) -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
