On 16/04/13 09:18, Martin Kosek wrote:
I am glad to hear that.

Can you please describe what exactly was wrong in the DNS? We already do
several DNS checks which should prevent errors caused by misconfigured DNS.
In fact, the wrong situation was the DNS server already poiting to another Kerberos/Ldap server using SRV registers.

$ORIGIN _tcp.cica.es.
$TTL 600        ; 10 minutes
_gc                     SRV     0 100 3268 AD.cica.es.
_kerberos               SRV     0 100 88 AD.cica.es.
_kpasswd                SRV     0 100 464 AD.cica.es.
_ldap                   SRV     0 100 389 AD.cica.es.

This was an old setting, not valid anymore, since the server "ad.cica.es" doesn't exist.
FreeIPA server being installed was called "sheldon.cica.es"

The server installation script detected this, causing that strange behaviour.

I think its just a lazy sysadmin who didn't delete the old SRV registers :-)

Best regards.

Arturo Borrero González
Departamento de Seguridad Informática
Centro Informático Científico de Andalucía (CICA)
Avda. Reina Mercedes s/n - 41012 - Sevilla (Spain)
Tfno.: +34 955 056 600 / FAX: +34 955 056 650
Consejería de Economía, Innovación, Ciencia y Empleo
Junta de Andalucía

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Freeipa-users mailing list

Reply via email to