_ldap._tcp.example.com. IN SRV 10 0 389 ldap1.example.com. _ldap._tcp.example.com. IN SRV 20 0 389 ldap2.example.com.will sssd fallback properly to ldap2 if ldap1 does not respond ?
On Wed, Sep 25, 2013 at 11:42:15AM +0200, Olivier wrote:The switches --enablesss and --enablesssdauth are meant for the case
> Hello everyone,
> I launch "authconfig" within a script to setup my redhat6 boxes.
> I noticed that authconfig does not set up sssd.conf properly :
> but the bug is declared as "closed" ?
> First question :
> could anyone confirm that authconfig does *not* configure
> sssd.conf with "--enablesss" and "--enablesssdauth" and
> that I therefore need to configure that file myself (by hand
> or within my script) ?
where the admin creates the sssd.conf manually and only wants the
authconfig to setup the NSS and PAM stacks for him. So with the latest
version, authconfig --enablesssdauth --enablesss should not touch the
sssd.conf at all.
Yes, if the ldap_uri parameter is missing, then the SSSD falls back to
> Second question:
> I noticed that sssd seemed to work properly even without
> declaring the "ldap_uri" parameter within sssd.conf. Could
> anyone confirm that this parameter is not necessary and
> where does sssd collect the list of ldap servers to query
> in that case, ldap.conf ?
DNS SRV discovery. As the sssd-ldap man page says:
ldap_uri, ldap_backup_uri (string):
If neither option is specified, service discovery is enabled.
sssd-users mailing list