On 11/29/2012 01:16 PM, James Hogarth wrote:
I'm not entirely sure where that 86400 came from. When we do a dynamic update the TTL is hardcoded to 1200. There is a ticket to make this configurable, https://fedorahosted.org/__freeipa/ticket/3031 <https://fedorahosted.org/freeipa/ticket/3031> The patch I submitted on the SSSD side has actually been committed in 1.10 ... The report and patch I had there was about getting ipa-client-install to configure sssd.conf appropriately for sssd ... rather than changing the TTL after the system was first registered... Still trying to find time to work on the TTL this side within IPA GUI rather than just CLI (have it exposed in IPA... working on modifying it at the moment but still have one TTL per primary key rather than split it out entirely).
I'm not sure if I understood your intention correctly, but current IPA LDAP schema can't handle more than single TTL value per DNS name.
I.e. all records under single name (e.g. machine.example.com) has to have same TTL value.
-- Petr^2 Spacek _______________________________________________ Freeipa-users mailing list Freeipaemail@example.com https://www.redhat.com/mailman/listinfo/freeipa-users