Hi all!
In my setup I have 2 FreeIPA servers, both are masters (using location
without greater success, but I think that issue is a problem in layer 8
(between keyboard and chair)). Now when I have used FreeIPA for a while
I'm comfortable to let my home network use the FreeIPA for different
kind of services. But I don't want to setup a full replica at home for a
number for reasons: 1. I only use low-energy devices for the "house
needs" (like raspberry pi and other low end machines) 2. I don't really
trust how the replication will work during different kind of outages
(when I tear down the network and rebuild it for test something new, or
when my ISP having unannounced maintenance for a couple of hours).
The main purpose for stretch the ldap directory to my home network is to
have a simple single sign-on (some services are just using ldap insted
of true kerberos) for my family from some web logins and wifi
authentication.
I don't expect the users to change the password when they connect to
services that are using the FreeIPA cache, so I don't thing I need a
read-write proxy.
Thanks in advanced
//Robert
Show replies by date