On 10/19/2011 03:14 PM, Sigbjorn Lie wrote: > Hi, > > Has there been given any thought to the concept of sites within IPA to > improve cross-site implementations? This should be easy to implement > as you are already using DNS SRV records to locate the ldap/kerberos > servers. > > E.g. > Site: Boston > Site: London > > > Create a subdomain of the IPA dns domain named _sites, and a subdomain > of _sites for each site. > > Boston._sites.ipa.domain.com would contain the srv entries for IPA > servers in Boston: > _ldap._tcp in srv 0 100 389 boston-ipa-server1 > _ldap._tcp in srv 0 100 389 boston-ipa-server2 > ..... > > London._sites.ipa.domain.com would contain the srv entries for IPA > serers in London: > _ldap._tcp in srv 0 100 389 london-ipa-server1 > _ldap._tcp in srv 0 100 389 london-ipa-server2 > .... > > Now point the client's DNS "search" entry to point to the local site > first, then search the full name space: > Boston client's /etc/resolv.conf: > search Boston._sites.ipa.domain.com ipa.domain.com > > London client's /etc/resolv.conf: > search London._sites.ipa.domain.com ipa.domain.com > > > The main ipa.domain.com could still contain srv records for all IPA > servers, or selected IPA servers at the central hub. > > I know I can do this manually within the DNS managment in IPA today, > however it would be a lot easier to maintain "Sites" within the IPA > webui/cli. *blink* ;) > > What's your thoughts on this? > > > Please file an RFE in BZ.
> Regards, > Siggi > > > > _______________________________________________ > Freeipa-users mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/freeipa-users -- Thank you, Dmitri Pal Sr. Engineering Manager IPA project, Red Hat Inc. ------------------------------- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
