I have done a simple verification without the option "--server" with
embedded DNS, it works.

Thanks to all

On Mon, Jun 12, 2017 at 7:00 PM, Arpit Tolani <arpittol...@gmail.com> wrote:

> Hello
>
> I am sorry, I am not sure but if your client hostname is within
> correct domain, I think you dont need to give domain & realm.
>
> like your IPA domain & realm is dataservice.net & your client hostname
> is system2.dataservice.net, I think it will take it automatically,
> Someone else can confirm.
>
> Please test this locally.
>
>
> Regards
> Arpit Tolani
>
> On Mon, Jun 12, 2017 at 4:25 PM, wenxing zheng <wenxing.zh...@gmail.com>
> wrote:
> > so we can safely ignore the --server option for the ipa-client-install?
> but
> > the --domain and --realm are mandatory?
> >
> > Many thanks to Arpit.
> >
> > On Mon, Jun 12, 2017 at 6:51 PM, Arpit Tolani <arpittol...@gmail.com>
> wrote:
> >>
> >> Hello
> >>
> >> Try to run below commands on your IPA client & point resolv.conf to
> >> IPA server & IPA client
> >>
> >> # dig srv _ldap._tcp.dataservice.net
> >> # dig srv _kerberos._tcp.dataservice.net
> >> # dig srv _kpasswd._tcp.dataservice.net
> >>
> >>
> >> If they return your IPA servers, It can automatically figure out your
> >> IPA servers using DNS resolver
> >>
> >>
> >> Regards
> >> Arpit Tolani
> >>
> >> On Mon, Jun 12, 2017 at 4:17 PM, wenxing zheng <wenxing.zh...@gmail.com
> >
> >> wrote:
> >> > I setup a IPA server: freeipa-server and a replica: freeipa-replica,
> >> > both
> >> > with embedded DNS. I have 2 server addresses:
> >> > freeipa-server.dataservice.net
> >> > and freeipa-replica.dataservice.net.
> >> >
> >> > When I am configuring the IPA client using the ipa-client-install, how
> >> > to
> >> > specify the "--server" option? or it can automatically figure out the
> >> > server
> >> > via the DNS resolver?
> >> >
> >> > Thanks, Wenxing
> >> >
> >> > On Mon, Jun 12, 2017 at 6:36 PM, Arpit Tolani <arpittol...@gmail.com>
> >> > wrote:
> >> >>
> >> >> Hello
> >> >>
> >> >> > Can you help to shed more lights on how to configure the SRV
> records
> >> >> > for
> >> >> > auto discovery?
> >> >> >
> >> >>
> >> >> When ipa-server is setup with embedded DNS (using --setup-dns ) SRV
> >> >> records are automatically added in IPA.
> >> >>
> >> >> If its external DNS server, You need to add records something like
> >> >> this in your DNS server.
> >> >>
> >> >> _ldap._tcp.example.com. 86400   IN      SRV     0 100 389
> >> >> ipaserver1.example.com.
> >> >> _kerberos._tcp.example.com. 86400 IN    SRV     0 100 88
> >> >> ipaserver1.example.com.
> >> >> _kerberos._udp.example.com. 86400 IN    SRV     0 100 88
> >> >> ipaserver1.example.com.
> >> >> _kpasswd._tcp.example.com. 86400 IN     SRV     0 100 464
> >> >> ipaserver1.example.com.
> >> >> _kpasswd._udp.example.com. 86400 IN     SRV     0 100 464
> >> >> ipaserver1.example.com.
> >> >>
> >> >> After this client will auto discover IPA server which is providing
> >> >> LDAP & Kerberos information.
> >> >>
> >> >>
> >> >> Regards
> >> >> Arpit Tolani
> >> >
> >> >
> >>
> >>
> >>
> >> --
> >> Thanks & Regards
> >> Arpit Tolani
> >
> >
>
>
>
> --
> Thanks & Regards
> Arpit Tolani
>
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to