but Im getting hammered by my management for instant answers.......they asked
last night and expect an answer this morning.....and I'm expected to catch up
and deploy several important solutions/projects all hinging on IPA ASAP.......
2.2 isnt in RHEL6.3 though?
Anyway I will leave it longer, but Qs seem to drop off the list pretty
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
From: Rob Crittenden [rcrit...@redhat.com]
Sent: Thursday, 21 June 2012 8:31 a.m.
To: Steven Jones
Subject: Re: [Freeipa-users] Do clients have to be in teh same DNS zone / FQDN
as the IPA servers / Kerberos Realm?
Steven Jones wrote:
> I assume with no reply, now one knows?
That's not really fair, it hasn't even been 24 hours.
> My IPA servers are say ipa1 and 2.ipa.example.com
> I have existing linux servers that I would rather not change the FQDN on, say
> server1.example.com Do I actually have to make the client
> server1.ipa.example.com or can I leave it as is at server1.example.com? Would
> that give any IPA problems? or is it just poor practice?
Yes, you should be able to enroll server1.example.com into the
ipa.example.com realm. You'll need a v2.2+ client for this to work. A
patch was added (contributed by a user, actually) that will add a domain
mapping to krb5.conf so this should work.
Freeipa-users mailing list