On Wed, Aug 8, 2012 at 9:06 AM, Petr Spacek <pspa...@redhat.com> wrote: > Best way is to create subdomain UNIX.MYCOMPANY.COM and fill it with proper > SRV records (or let IPA to manage it).
Ugh, I hope this doesn't end up pushing us back to NIS. If I can get our infrastructure guys to buy off on making a unix.mycompany.com subdomain in DNS, would I need to move all the hosts to be under that subdomain in DNS? I have some services configured that are difficult to rename the DNS domain of. Could, for instance, host-one.mycompany.com be part of the UNIX.MYCOMPANY.COM realm, given a MYCOMPANY.COM realm also exists? I could then put some SRV records into the subdomain's zone to point the kerberos stuff to the IPA server, change the domain on the IPA server, change the realm on the IPA server, re-register clients, and everything would be happy? Ugh... actually... now that I think about this, I don't think I want half my servers in a unix subdomain in DNS, which means DNS and realm wouldn't match... Thoughts? Aside from rebuilding the infrastructure I've built already? :-) Rob _______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users