Janne Blomqvist <[email protected]> writes: > On 2016-01-13 23:54, Trey Dockendorf wrote: >> We use 389 Directory Server for our LDAP and SSSD for clients, works >> well. >> > We also use sssd on the clients, but instead of running or own > LDAP(+kerberos) infrastructure, we use the university Active > Directory.
We actually do something like this in that we manage relationships between HPC users and research groups using Grouper (http://www.internet2.edu/products-services/trust-identity-middleware/grouper/). This information is used to create an HPC LDAP DIT on the central university LDAP server. We then sync this DIT with a DIT on local LDAP servers running on the admin nodes of our cluster. Cheers, Loris -- Dr. Loris Bennett (Mr.) ZEDAT, Freie Universität Berlin Email [email protected]
