On 08/27/2013 02:57 PM, Jakub Hrozek wrote:
On Tue, Aug 27, 2013 at 12:01:45PM +0200, Pavel Březina wrote:
On 08/18/2013 09:45 PM, Jakub Hrozek wrote:
https://fedorahosted.org/sssd/ticket/1964
Currently the AD sites are enabled unconditionally
Hi,
at the moment, there cannot be set two srv plugins on one fail over context:
[ad_failover_init] (0x0100): No primary servers defined, using
service discovery
[fo_add_srv_server] (0x0400): Adding new SRV server to service
'gc_ad.pb' using 'tcp'.
[fo_add_srv_server] (0x0400): Adding new SRV server to service
'ad.pb' using 'tcp'.
[_ad_servers_init] (0x0100): Added service discovery for AD
[be_fo_set_srv_lookup_plugin] (0x0400): Trying to set SRV lookup
plugin to AD
[sssd[be[ipa.pb]]] [fo_set_srv_lookup_plugin] (0x0080): SRV lookup
plugin is already set
[sssd[be[ipa.pb]]] [be_fo_set_srv_lookup_plugin] (0x0080): Unable to
set SRV lookup plugin, another plugin may be already in place
So unfortunately, the change won't be that trivial :-(
Ugh, sorry, I thought I tested the patch..apparently I was wrong.
Maybe we can abuse the fact that IPA installer only ever puts the local
replica hostname to the ipa_server parameter and not use any resolve
plugin in the server mode?
See attached patch. I'm wondering whether to extend it with a warning
for cases where some admin overriden the ipa_server directive.
Or even better, read the ipa_server list, if there is no _srv_ keyword,
proceed as the attached patch, if there is a _srv_ keyword, then don't
enable the AD sites? (This I think would be mostly sanity checking, I
don't think anyone would run such a setup)
This solution sounds good.
At the moment if sssd is in ipa server mode, ipa_enable_dns_sites =
false (default) and _srv_ is set, no plugin is specified and srv
resolution won't work. Thus I will actually require you to implement the
last paragraph before I give it a go :-)
Otherwise LGTM.
_______________________________________________
sssd-devel mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
