On Wed, Jan 06, 2021 at 11:52:51AM -0500, Rob Crittenden via FreeIPA-users wrote: > Dominik Vogt via FreeIPA-users wrote: > > We've set up an ipa-server without DNS, using an /etc/hosts file, > > as was suggested in an older thread: > > > > > > https://www.mail-archive.com/[email protected]/msg10991.html > > > > There's no DNS at all available, and /etc/nsswitch contains the > > defaults ("hosts: files dns myhostname", but it's the same if I > > change that to just "hosts: files" and remove /etc/rsolv.conf). > > > > Ipa commands all take 30 seconds, but fine eventually. E.g. > > > > $ ipa user-find --all > > > > Strace shows that the process is sending a request to the DNS port > > on the ip address configured in /etc/resolv.conf, or 127.0.0.1 if > > that file does not exist. he conents of nsswitch.conf are > > ignored. > > > > So, how can this be fixed? Do we have to set up DNS to run the > > ipa-server? > > ipa commands run where? On the server or a client?
On the server. > So you are trying to use this in a completely DNS-free environment? > > I've done a lot of development in the past with the IPA servers only in > /etc/hosts but I don't believe I've done much if any completely DNS-free. If that's not tested I've no problem with that. Just hoped we could spare the additional complexity of hardening a DNS installation. Ciao Dominik ^_^ ^_^ -- Dominik Vogt _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
