On Fri, 2011-06-17 at 02:15 -0400, Tim Hildred wrote:
> Hello;
> I have a VM running FreeIPA, and have the DNS SRV records referencing ldap 
> and kerberos mentioned in the documentation. In trying to set the domain of 
> my Win2k8 VM to mysandbox.com, i get an error that the 
> "DNS name does not exist" 
> after running the query for 
> "_ldap._tcp.dc._msdcs.mysandbox.com"
> which is different than the example given for an LDAP SRV record. 
> So what SRV record has to exist that will allow my W2k8 VM to join 
> mysandbox.com domain?
> ipa dnsrecord-add _______________________

Sorry Tim, but FreeIPA cannot be a direct Domain Controller for Windows
clients. Unfortunately Windows Clients can only join AD domains and
stuff that behave *exactly* like AD down to very fine details.

There is actually a write-up here [1] on how to hook-up a windows client
to use FreeIPA as an authentication source, but that is not the same
thing as joining a domain. Depending on your needs it may be enough
though. Also note that we have not tested this guide with v2 or recent
Windows clients.

If you want an alternative to AD for your Windows clients I can suggest
trying Samba4, it is still not complete, but has enough basic AD
infrastructure to work for single domain deployments, with some minor



Simo Sorce * Red Hat, Inc * New York

Freeipa-users mailing list

Reply via email to