[Beowulf] Re: Linux cluster authenticating against multiple Active Directory domains
Dave Love
d.love at liverpool.ac.uk
Tue Aug 12 09:03:45 PDT 2008
Chris Samuel <csamuel at vpac.org> writes:
>> It required some patches to nss_ldap to make it work properly and the
>> pam config was a little bit tricky, but it did work.
>
> Yeah, we'd looked at some of the NSS stuff and realised it
> would need patching.. :-(
It's been a while since I looked at NSS's guts, but I'd guess it just
needs another instance of nss_ldap with a different name (service) built
with a different config file name wired in; that file points at the
alternate server. Then decide on the priority between them in lookups.
You could also script building db databases from one server, updated via
cron, similarly to nss_updatedb.
More information about the Beowulf
mailing list