Martin Basti wrote:
Hello,

IPA uses SRV records for failover to another replica/LDAP.

I don't know how it works on MACs, but in case that there is no
possibility to use SRV, you may need to file a RFE ticket
(https://fedorahosted.org/freeipa/newticket)

Agreed, SRV records are the preferred mechanism. I was curious though so played with this a bit and it is possible to add altServer values:

$ ldapmodify -x -D 'cn=directory manager' -W
Enter LDAP Password:
dn:
changetype: modify
add: altServer
altServer: ldap://gyre.example.com

modifying entry ""
^D

$ ldapsearch -LLL -x -b "" -s base altServer
dn:
altServer: ldap://gyre.example.com

My test rig is a single master so I don't know if this replicates or not.

rob


Martin


On 19.05.2016 17:43, Guillermo Fuentes wrote:
Hello all,

As OS X allows LDAP server failover via the altServer attribute
(RFC4512) from RootDSE, it would be great to be able to configure our
Macs to connect to a single FreeIPA server and add other FreeIPA
servers as multiple altServer values.
The current schema doesn't seem to support adding this attribute.
Can this be done in a way I'm missing?

Thanks in advance!

GUILLERMO FUENTES
SR. SYSTEMS ADMINISTRATOR

561-880-2998 x1337

guillermo.fuen...@modmed.com <mailto:guillermo.fuen...@modmed.com>


[ Modernizing Medicine ] <http://www.modmed.com/>
[ Facebook ] <http://www.facebook.com/modernizingmedicine>                [
LinkedIn ] <http://www.linkedin.com/company/modernizing-medicine/>              
  [
YouTube ] <http://www.youtube.com/user/modernizingmedicine>               [
Twitter ] <https://twitter.com/modmed_EMA>                [ Blog ]
<http://www.modmed.com/BlogBeyondEMR>             [ Instagram ]
<http://instagram.com/modernizing_medicine>









--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to