Mitigate impact to SSSD client during partial identity provider outage

Solution Verified - Updated -

Issue

  • SSSD client is currently configured to use AD, IdM or LDAP as identity provider
  • Identity provider is discovered using service discovery via DNS
  • Partial outage on identity provider is expected:
    • At least one DNS server is available for service discovery, and
    • At least one identity provider (AD, IdM or LDAP) server is available to provide user identity
  • Need to mitigate the possible impact to user experience during outage

Environment

  • Red Hat Enterprise Linux 7
  • Red Hat Enterprise Linux 8
  • Red Hat Enterprise Linux 9
  • Red Hat Enterprise Linux 10
  • System Security Services Daemon (SSSD)
    • Identity provider:
      • Active Directory (AD)
      • Identity Management Server (IdM)
      • Lightweight Directory Access Protocol (LDAP)

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content