So just for clarification, is this how I set it up:

create new entries for your VMs with unique MACs and IP addresses
edit /etc/hosts - add entries for your IP addresses and your new hosts - make sure the FQDN is the first name e.g.
192.168.122.2 myhost.mydomain.com myhost

If there is anything simpler or something that I missed just let me know. Thanks.

-----Original Message-----
From: Rich Megginson [mailto:rmegg...@redhat.com]
Sent: Tuesday, July 24, 2012 10:49 AM
To: 389 Directory server developer discussion.
Cc: Chaudhari, Rohit K.
Subject: Re: [389-devel] Setting up 389 DS without DNS

On 07/23/2012 08:58 PM, Chaudhari, Rohit K. wrote:
> Thanks everyone for the quick response. We do need to use TLS for doing LDAP
> authentication for users to sign in. So based on the notes below, the lack
> of DNS will not work. How can I get TLS and no-DNS to work together?

It does work. Perhaps it is in violation of some spec somewhere (link?), but using /etc/hosts or even NIS host maps will work. DNS is not a requirement to get it to work.

>
> Thanks.
> ________________________________________
> From: 389-devel-boun...@lists.fedoraproject.org
> [389-devel-boun...@lists.fedoraproject.org] On Behalf Of Rich Megginson
> [rmegg...@redhat.com]
> Sent: Monday, July 23, 2012 8:09 PM
> To: 389 Directory server developer discussion.
> Subject: Re: [389-devel] Setting up 389 DS without DNS
>
> On 07/23/2012 05:13 PM, Paul Robert Marino wrote:
>
> On Jul 23, 2012 5:15 PM, "Rich Megginson" <rmegg...@redhat.com> wrote:
>> On 07/23/2012 02:46 PM, Chaudhari, Rohit K. wrote:
>>> Hey 389 community,
>>>
>>> I had a question. We want to set up 389-ds on a Red Hat VM without DNS. I
>>> read online that disabling SELinux would allow us to accomplish this. Is
>>> this true or false?
>>
>> False. AFAIK it has nothing to do with SELinux. Where did you read this?
>>
>>> If DNS cannot be disabled, how do we create a dummy DNS so that replication
>>> and single sign-on from client to the server can occur? Do we have to
>>> hard-code IP addresses or something else? Thank you for your time this
>>> afternoon.
>>
>> It depends. If you are using Fedora/RHEL virtualization, you just have to
>> virsh net-edit default - create new entries for your VMs with unique MACs
>> and IP addresses
>> edit /etc/hosts - add entries for your IP addresses and your new hosts - make
>> sure the FQDN is the first name e.g.
>> 192.168.122.2 myhost.mydomain.com myhost
>>
> This will only work if you don't intend to use TLS encryption.
> TLS requires full forward and reverse 'DNS' lookup and won't work properly
> with entries in the /etc/hosts file per the RFC that defines the TLS standard.
>
> Hmm - I've successfully done this with /etc/hosts files - what exactly is the
> problem with that? What specifically requires a DNS lookup and not a getent
> hosts?
>
>>> Thanks.
>>>
>>> --
>>> 389-devel mailing list
>>> 389-de...@lists.fedoraproject.org
>>> https://admin.fedoraproject.org/mailman/listinfo/389-devel
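
An added example, not part of the thread or of the 389 DS project: a small lint for the "FQDN is the first name" rule discussed above, plus a lookup through `getent hosts`, which is the path the thread says works without DNS. The function names and the sample file are constructed for illustration; only the 192.168.122.2 entry comes from the thread.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# Constructed sample: the second entry is the one quoted in the thread,
# the third deliberately puts the short name first.
sample_hosts() {
    cat <<'EOF'
127.0.0.1      localhost
192.168.122.2  myhost.mydomain.com myhost
192.168.122.3  myhost2 myhost2.mydomain.com   # short name first
EOF
}

# check_hosts_fqdn [FILE]: read a hosts file (stdin if FILE is omitted),
# print each problem found, return 1 if there was any.
check_hosts_fqdn() {
    awk '
        { sub(/#.*/, "") }                        # drop comments
        NF < 2 { next }                           # blank or address-only line
        $1 ~ /^127\./ || $1 == "::1" { next }     # loopback entries are exempt
        $2 !~ /\./ {                              # canonical name has no dot
            printf "%s: first name \"%s\" is not an FQDN\n", $1, $2; bad = 1
        }
        seen[$1]++ {                              # reverse lookup uses first line only
            printf "%s: address listed more than once\n", $1; bad = 1
        }
        END { exit bad }
    ' "${1:--}"
}

# resolves_to NAME IP: ask the system resolver through getent, which follows
# nsswitch.conf (files, NIS, DNS) instead of querying DNS directly.
resolves_to() {
    [ "$(getent hosts "$1" | awk '{ print $1; exit }')" = "$2" ]
}

sample_hosts | check_hosts_fqdn || echo "hosts file needs fixing"
```

Run `check_hosts_fqdn /etc/hosts` on each server and client, then `resolves_to myhost.mydomain.com 192.168.122.2` to confirm the resolver returns the address the hosts file assigns.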