Anton Chu wrote:
I've setup a master and slave ldap service for failover; however, I'd like some advice on how to keep the ldap clients cached with the ldap creds if ever the master and slave ldap server goes. I've tried to extend the time of the caching on nscd - name server caching daemon - but it doesnt work when I add ldap users to certain groups. I've also tried pam caching credentials but doesn't work that well either. Finally, I also tried sssd but couldn't get it to work on my Ubuntu 10.10 clients. Anyone have simple solution that works when slave and master ldap servers get out of commission? I've thought about getent passwd >> /etc/passwd cron job, etc.
Setup OpenLDAP nssov on all clients, use proxycache overlay and/or syncrepl to continue operating when servers and/or networks fail.