Hi all, I am wanting to set up a FreeIPA domain for controlling a group of machines on our network, and want to use replica servers for resilience. However, I do not have control over DNS: our site prefers to use a central DNS service, which I can easily request changes in, but I don't have flexibility there.
I will, at this point, admit to not knowing a great deal about the workings of DNS, so if I am asking dumb questions, please feel free to point me at an RFC, howto or other documentation so I can get educated. So I am trying to work out the best way to set things up. My initial hunch was that I should get A-records set up to provide a DNS round robin for the service. The problem appears to be that if I install FreeIPA on the servers using their own hostnames, their host certificates won't match the A-record, and if I set up FreeIPA to use the round robin hostname, it just doesn't look right to me. I hope I have managed to explain my situation appropriately. I haven't been able to find documentation to help me with this (I suspect I just need to understand a few different aspects better than I do already), so can someone point me in the right direction, please? Many thanks, Rob -- Scanned by iCritical. _______________________________________________ Freeipa-users mailing list Freeipaemail@example.com https://www.redhat.com/mailman/listinfo/freeipa-users