Mario Rossi wrote: > Emergency users should be used when LDAP fails and there is no other way to > get access to the box via ssh.
Yes. > I can recall an incident a few years ago where an > admin deleted the bigip_monitoring user thinking that the account is not used. > You would think that people would be able to tell what the user is being used > for :) In this case the LB took down the ldap farm and emergency user was a > savior until the user had been restored. ;-) My usual recommendation is *not* to use the load-balancer in sssd configuration. Tests showed that sssd with its persistent LDAP connection can cope fairly well with simple DNS round robin. Ciao, Michael.
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
