Hi all,

I am wanting to set up a FreeIPA domain for controlling a group of machines on 
our network, and want to use replica servers for resilience.  However, I do not 
have control over DNS: our site prefers to use a central DNS service, which I 
can easily request changes in, but I don't have flexibility there.

I will, at this point, admit to not knowing a great deal about the workings of 
DNS, so if I am asking dumb questions, please feel free to point me at an RFC, 
howto or other documentation so I can get educated.

So I am trying to work out the best way to set things up.  My initial hunch was 
that I should get A-records set up to provide a DNS round robin for the 
service.  The problem appears to be that if I install FreeIPA on the servers 
using their own hostnames, their host certificates won't match the A-record, 
and if I set up FreeIPA to use the round robin hostname, it just doesn't look 
right to me.

I hope I have managed to explain my situation appropriately.  I haven't been 
able to find documentation to help me with this (I suspect I just need to 
understand a few different aspects better than I do already), so can someone 
point me in the right direction, please?

Many thanks,
Scanned by iCritical.

Freeipa-users mailing list

Reply via email to