On 6/23/15 6:48 AM, John Hodrien wrote:
On Tue, 23 Jun 2015, Janelle wrote:
> Hello,
>
> My first post here. I have an issue with having occasional failures
> of LDAP servers being used by SSSD. What happens is that when a new
> server is stood up to replace the failed servers, users can't seem to
> login until SSSD is restarted. Some users can, and it is hard to tell
> which can and can't. I understand this is a caching setting or has
> something to do with caching, but I don't fully understand why sssd
> can't just keep running. Prior to this we used nslcd and never had
> these issues. Is this a known issue or am I missing something in the
> setup?
How are you telling SSSD about the available LDAP servers? Are you
using SRV
records?
jh
Servers are behind a load-balancer. Address never changes.
~J