On Mon, 2015-12-14 at 19:32 +0100, Karl Forner wrote: > Hello, > > >From what I understood, a freeipa replica server is a kind of backup of > another freeipa server. > Both are usable by clients, and they will dynamically update their > information. > > But I do not understand how a client will make use of the replica if the > master server is down.
SSSD mostly manages discovery of servers, it is normally configure with the name _srv_ + an actual name as fallback. SSSD also feeds the information to kerberos libraries via a plugin. If you are using another client yuou must make sure it is capable of discovering servers via SRV records, or you have to configure the various servers explicitly. > Naively I would imagine, that like for DNS servers, that you configure a > main freeipa server, and a secondary one in case the main one does not > respond, but I can not find how to do it. > Is this happening automagically ? Yes, if you use ipa-client-install and do not force to use a specific server. > Or this is not the way it is supposed to be used ? This is what replicas are for, redundancy, and load sharing. Simo. -- Simo Sorce * Red Hat, Inc * New York -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project