[Freeipa-users] Re: Query about the configuration on the High Availability of the FreeIPA

Mon, 12 Jun 2017 03:56:23 -0700 

so we can safely ignore the --server option for the ipa-client-install? but
the --domain and --realm are mandatory?

Many thanks to Arpit.

On Mon, Jun 12, 2017 at 6:51 PM, Arpit Tolani <arpittol...@gmail.com> wrote:

> Hello
>
> Try to run below commands on your IPA client & point resolv.conf to
> IPA server & IPA client
>
> # dig srv _ldap._tcp.dataservice.net
> # dig srv _kerberos._tcp.dataservice.net
> # dig srv _kpasswd._tcp.dataservice.net
>
>
> If they return your IPA servers, It can automatically figure out your
> IPA servers using DNS resolver
>
>
> Regards
> Arpit Tolani
>
> On Mon, Jun 12, 2017 at 4:17 PM, wenxing zheng <wenxing.zh...@gmail.com>
> wrote:
> > I setup a IPA server: freeipa-server and a replica: freeipa-replica, both
> > with embedded DNS. I have 2 server addresses:
> freeipa-server.dataservice.net
> > and freeipa-replica.dataservice.net.
> >
> > When I am configuring the IPA client using the ipa-client-install, how to
> > specify the "--server" option? or it can automatically figure out the
> server
> > via the DNS resolver?
> >
> > Thanks, Wenxing
> >
> > On Mon, Jun 12, 2017 at 6:36 PM, Arpit Tolani <arpittol...@gmail.com>
> wrote:
> >>
> >> Hello
> >>
> >> > Can you help to shed more lights on how to configure the SRV records
> for
> >> > auto discovery?
> >> >
> >>
> >> When ipa-server is setup with embedded DNS (using --setup-dns ) SRV
> >> records are automatically added in IPA.
> >>
> >> If its external DNS server, You need to add records something like
> >> this in your DNS server.
> >>
> >> _ldap._tcp.example.com. 86400   IN      SRV     0 100 389
> >> ipaserver1.example.com.
> >> _kerberos._tcp.example.com. 86400 IN    SRV     0 100 88
> >> ipaserver1.example.com.
> >> _kerberos._udp.example.com. 86400 IN    SRV     0 100 88
> >> ipaserver1.example.com.
> >> _kpasswd._tcp.example.com. 86400 IN     SRV     0 100 464
> >> ipaserver1.example.com.
> >> _kpasswd._udp.example.com. 86400 IN     SRV     0 100 464
> >> ipaserver1.example.com.
> >>
> >> After this client will auto discover IPA server which is providing
> >> LDAP & Kerberos information.
> >>
> >>
> >> Regards
> >> Arpit Tolani
> >
> >
>
>
>
> --
> Thanks & Regards
> Arpit Tolani
>

_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to