On 05/08/2013 12:41 PM, Johnny Westerlund wrote:
> Hi all
>
> I'm planning on implementing an IPA server at a site where there is
> already a working Active Directory domain.
> I would still like the machines from AD and IPA to live in the same DNS
> domain.
>
> Example.
> AD Domainname = foo.bar
> AD KERBEROS realm = FOO.BAR
> a Host principal would look like: host/host1.foo....@foo.bar
>
> Now I would like to introduce the IPA server under a different realm
> name but for the same DNS name.
>
> IPA domainname = foo.bar
> IPA KERBEROS realm = LINUX.FOO.BAR (or whatever)
> a Host principal would look like: host/host2.foo....@linux.foo.bar
>
> So basically I would register the hostnames / PTR records in the
> Microsoft DNS and use the IPA Kerberos REALM for authentication.
>
> Am I making any sense? Is this asking for a world of hurt?

Yes this should be possible. Install it without DNS and point to AD DNS during install. I do not recall the exact command line switches but it should be clear from the ipa-server-install man page. You would have to either add IPA server records to AD DNS or explicitly configure clients to use static names for IPA servers. See ipa-client-install --fixed-primary and --server switches in man pages.

> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users@redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users

--
Thank you,
Dmitri Pal

Sr. Engineering Manager for IdM portfolio
Red Hat Inc.