Brian Cook wrote:
Has anyone worked any magic to keep DNS, kerberos and LDAP request
routed to local servers in an IPA setup where topology is separated by
WAN links?

I have looked at things like doing sorts in the DNS client
configuration, BIND views, etc. but I would like to know if anyone else
has tried to tackle this issue.

Which clients? For some things (logins, etc) you can reverse the order of the servers in /etc/sssd/sssd.conf so a fixed server comes before the _srv_ entry in ipa_server. This way you can point at a desired server but still be able to fall back to DNS if it is down.


Freeipa-users mailing list

Reply via email to