Am Tue, May 17, 2022 at 01:32:15PM -0000 schrieb Bayo A via FreeIPA-users: > Hi Rob, > > The error Client 'host/xxx@XXX' not found in Kerberos > database" which I'm also having in my environment. > > My IPA and AD realms use the same name however I'm not using DNS in my > implementation as well. The records of both the client and IPA-server are > contained in the host file of the servers thus all name resolution is done > locally without the need for a DNS server.
Hi, just skipping DNS host lookups is not sufficient. As Alexander already said in this thread: """ So you have unsupported configuration which is clearly described in RHEL IdM documentation as well as at https://www.freeipa.org/page/Deployment_Recommendations: -------------------------------------------------------------------- Domain FreeIPA should always have own primary domain, e.g. example.com or ipa.example.com which should not be shared with other Kerberos based identity management system as otherwise there will be collisions on Kerberos system level. -------------------------------------------------------------------- This is a fundamental requirement. """ bye, Sumit > _______________________________________________ > FreeIPA-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
