> On to, 29 huhti 2021, iulian roman via FreeIPA-users wrote: > > First, to make it clear. You should not have IPA servers (replicas) in > .example.local. If you'd do, this is unsupported configuration and any > bugs you'd see there are your own problems. There is simply no way to > support servers from two separate Kerberos realms trusting each other in > the same DNS domain.
That means that both ipa server and replica should be in the .ipadev.example.local DNS domain (or any other domain different than .example.local) ? I need to mention that I am not using any integrated DNS, but an external one configured in Infoblox. The trust is only one way (ipa trusts AD domain). > > The configuration for IPA clients in .example.local is described in the > FreeIPA wiki's page you already referred in this thread. Anything > deviating from it would cause issues, as you are witnessing already. _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
