I've got a new CentOS 7 server going into a remote location. I have local servers that authenticate against Active Directory (2012 if it matters) using winbindd. I'd like to have some method of using AD on the remote server, but I need to be able to access it if the network path to the AD servers is down. sssd caching won't do AFAIK (since that's just a cache that times out). This server is going to have out-of-band network access for remote management in case of network failure, so having access to it when it can't reach AD is its primary purpose. I'd like to use our existing AD setup (rather than manage local users) to make it easier to manage users/passwords. Is there a relatively simple method to replicate a chunk of the AD users/passwords to a remote CentOS server (I don't care about the SSO side of things)? Or is there some other way to solve this problem? -- Chris Adams <linux at cmadams.net>