On Thu, Sep 29, 2016 at 06:50:50PM +0200, Thomas Hummel wrote:
Hello,
I'm using sssd-ldap (1.12) with
ldap_uri =
pointing to a DNS name with 2 A records (simple DNS round robin).
Correct, we only use the first record.
My question is about what happens when the ldap server sssd has a active
connection to is shutdown ?
It seems that, if the entry is not in the cache, sssd simply returns no
entry which could lead to strange behavior (username stop to get resolved,
...) at the application level.
My understanding is that my setup is not compatible with the failover
feature. But it seems to me that the failover is about the _initial_ server
lookup (i.e. to find an answering server) anyway, isn't it ?
What is the best way to deal with an active backend connection which get
closed without returning an "false" empty entry ?
The recommended way is to use SRV records.