13.2.23. Creating Domains: Primary Server and Backup Servers


Identity and authentication providers for a domain can be configured for automatic failover. SSSD attempts to connect to the specified, primary server first. If that server cannot be reached, then SSSD then goes through the listed backup servers, in order.

Note

SSSD tries to connect to the primary server every 30 seconds, until the connection can be re-established, and then switches from the backup to the primary.
All of the major service areas have optional settings for primary and backup servers[3].
Table 13.11. Primary and Secondary Server Parameters
Service Area Primary Server Attribute Backup Server Attribute
LDAP identity provider ldap_uri ldap_backup_uri
Active Directory identity provider ad_server ad_backup_server
Identity Management (IdM or IPA) identity provider ipa_server ipa_backup_server
Kerberos authentication provider krb5_server krb5_backup_server
Kerberos authentication provider krb5_server krb5_backup_server
Password change provider ldap_chpass_uri ldap_chpass_backup_uri
One and only one server can be set as the primary server. (And, optionally, the primary server can be set to service discovery, using _srv_ rather than a host name.) Multiple backup servers can be set, in a comma-separated list. The backup server list is in order of preference, so the first server listed is tried first.
[domain/EXAMPLE]
id_provider = ad
ad_server = ad.example.com
ad_backup_server = ad1.example.com, ad-backup.example.com


[3] Most services default to the identity provider server if a specific server for that service is not set.
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.