> If you do a local login instead of a kinit, you will see that SSSD will
> switch to the new server and subsequent kinit will start using it.

Ok, I checked and it works just fine for me, thanks.

This dynamic discovery of freeipa servers by sssd is very elegant and
but I still do not understand how do you automatically switch to a replica
(ipa2) if your master (ipa1) is down
in some cases:

 - to access the freeipa web ui. You have to use an url, e.g.
 If ipa1 is down, how do you know which url to use ?

 - if you have other web apps that authenticate against the freeIPA LDAP
 Usually you have to provide a ldap url in the web app configuration, e.g.
 What happens when ipa1 is down ?


> This is tracked here:
> https://fedorahosted.org/sssd/ticket/941
> Simo.
> --
> Simo Sorce * Red Hat, Inc * New York
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to