Martin Basti wrote:
Hello,
IPA uses SRV records for failover to another replica/LDAP.
I don't know how it works on MACs, but in case that there is no
possibility to use SRV, you may need to file a RFE ticket
(https://fedorahosted.org/freeipa/newticket)
Agreed, SRV records are the preferred mechanism. I was curious though so
played with this a bit and it is possible to add altServer values:
$ ldapmodify -x -D 'cn=directory manager' -W
Enter LDAP Password:
dn:
changetype: modify
add: altServer
altServer: ldap://gyre.example.com
modifying entry ""
^D
$ ldapsearch -LLL -x -b "" -s base altServer
dn:
altServer: ldap://gyre.example.com
My test rig is a single master so I don't know if this replicates or not.
rob
Martin
On 19.05.2016 17:43, Guillermo Fuentes wrote:
Hello all,
As OS X allows LDAP server failover via the altServer attribute
(RFC4512) from RootDSE, it would be great to be able to configure our
Macs to connect to a single FreeIPA server and add other FreeIPA
servers as multiple altServer values.
The current schema doesn't seem to support adding this attribute.
Can this be done in a way I'm missing?
Thanks in advance!
GUILLERMO FUENTES
SR. SYSTEMS ADMINISTRATOR
561-880-2998 x1337
[email protected] <mailto:[email protected]>
[ Modernizing Medicine ] <http://www.modmed.com/>
[ Facebook ] <http://www.facebook.com/modernizingmedicine> [
LinkedIn ] <http://www.linkedin.com/company/modernizing-medicine/>
[
YouTube ] <http://www.youtube.com/user/modernizingmedicine> [
Twitter ] <https://twitter.com/modmed_EMA> [ Blog ]
<http://www.modmed.com/BlogBeyondEMR> [ Instagram ]
<http://instagram.com/modernizing_medicine>
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
