On Wed, 2020-09-16 at 13:02 +0200, Sumit Bose via FreeIPA-users wrote: > sssctl should show all the IPA servers which can be found with a DNS > SRV > query. Does e.g. > > host -t SRV _ldap._tcp.your.ipa.domain > > show more servers than the sssctl output? If yes, can you show some > examples?
Wow. All except one SRV record for one master is missing. We had a DNS migration from AD to Infoblox. It never occurred to me to check DNS until I started looking at the domain status with sssctl. It looks like something went wrong with the migration and no one noticed (until I started investigating). > > If a master where to go offline (or appear to be offline), would it > > still be listed or would it get dropped? > > All discovered servers should be listed independent of their state. I'll try again once the missing records are added back. > > Is there a timeout for response that determines the IPA masters' > > online/offline status? > > There are multiple. E.g. ldap_search_timeout if the timeout happens > during and ldapsearch operation or ldap_opt_timeout if the timeout > happens during the ldapbind operation. See man sssd-ldap for details. Those timeouts I know about. I thought that maybe the list from sssctl would be missing servers if they weren't online or accessible. But, you've answered that question! Thanks to everyone for their help. -- Ranbir _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
