On 21.5.2014 13:31, Davis Goodman wrote:
ldapsearch -D "cn=Directory Manager” -W -LLL -x -b

Please note that domain shadowing/hijacking/name collisions are *strongly* discouraged.

You *should not* use domain names you don't own. (According to
domain name 'ddistrict.int' is not registered. Policy for .int registration is on http://www.iana.org/domains/int/policy)

It will cause problems with DNSSEC and it also prevents you from accessing resources on Internet under the colliding name.

I guess that you want to have an internal sub-tree in DNS.
The recommended practice is to use sub-domain of your public (properly registered) domain. E.g.:

or even shorter

I hope this will help you to avoid serious problems in the future.

Have a nice day!

Petr^2 Spacek

Freeipa-users mailing list

Reply via email to