On Mon, 2015-12-14 at 19:32 +0100, Karl Forner wrote:
> >From what I understood, a freeipa replica server is a kind of backup of
> another freeipa server.
> Both are usable by clients, and they will dynamically update their
> But I do not understand how a client will make use of the replica if the
> master server is down.
SSSD mostly manages discovery of servers, it is normally configure with
the name _srv_ + an actual name as fallback.
SSSD also feeds the information to kerberos libraries via a plugin.
If you are using another client yuou must make sure it is capable of
discovering servers via SRV records, or you have to configure the
various servers explicitly.
> Naively I would imagine, that like for DNS servers, that you configure a
> main freeipa server, and a secondary one in case the main one does not
> respond, but I can not find how to do it.
> Is this happening automagically ?
Yes, if you use ipa-client-install and do not force to use a specific
> Or this is not the way it is supposed to be used ?
This is what replicas are for, redundancy, and load sharing.
Simo Sorce * Red Hat, Inc * New York
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project