Janne Blomqvist <[email protected]> writes:

> On 2016-01-13 23:54, Trey Dockendorf wrote:
>> We use 389 Directory Server for our LDAP and SSSD for clients, works
>> well.
>>
> We also use sssd on the clients, but instead of running or own
> LDAP(+kerberos) infrastructure, we use the university Active
> Directory.

We actually do something like this in that we manage relationships
between HPC users and research groups using Grouper
(http://www.internet2.edu/products-services/trust-identity-middleware/grouper/).
This information is used to create an HPC LDAP DIT on the central
university LDAP server.  We then sync this DIT with a DIT on local LDAP
servers running on the admin nodes of our cluster.

Cheers,

Loris

-- 
Dr. Loris Bennett (Mr.)
ZEDAT, Freie Universität Berlin         Email [email protected]

Reply via email to