we have 4 servers for redundancy in krb5.confkdc= server1kdc= server2kdc= server3kdc= server4master_kdc=server1master_kdc=server2master_kdc=server3master_kdc=server4admin_server=server1admin_server=server2admin_server=server3admin_server=server4 servers 1 and 2 are shutdown. I am unable to get kinit <userid> until I comment their lines out and bounce sssd however. So the failover isn't working as expected. Is there anything I need to do to make this happen? thank you
On Mon, Jul 10, 2017 at 02:10:48PM +0000, pgb205 via FreeIPA-users wrote:
we have 4 servers for redundancy in krb5.confkdc= server1kdc= server2kdc= server3kdc= server4master_kdc=server1master_kdc=server2master_kdc=server3master_kdc=server4admin_server=server1admin_server=server2admin_server=server3admin_server=server4 servers 1 and 2 are shutdown. I am unable to get kinit <userid> until I comment their lines out and bounce sssd however. So the failover isn't working as expected. Is there anything I need to do to make this happen? thank you
Please take a look into /var/lib/sss/pubconf/. Is there a file called kdcinfo_YOURREALM which contains the IP address of the KDC that is down?
See also https://jhrozek.wordpress.com/2014/11/04/how-does-sssd-interact-with-tools-l... for some more details.
freeipa-users@lists.fedorahosted.org