Thanks for the tip, Martin. Rob
> -----Original Message----- > From: Martin Kosek [mailto:[email protected]] > Sent: 28 May 2014 14:04 > To: Harper, Rob (STFC,RAL,SC); [email protected] > Subject: Re: [Freeipa-users] Setting up FreeIPA with replicas without DNS > > No worries. Note that at the end of ipa-server-install, you get a list of DNS > records (SRV, A) required to be added (in a BIND zone format). Additional > required updates caused by new/removed FreeIPA replicas are on your own > though. > > Martin > > On 05/28/2014 10:44 AM, [email protected] wrote: > > Well, after sending my query I started going back over the FreeIPA > documentation again and found information that I should probably be using > SRV records in DNS to handle the load balancing. > > > > I will look into this and figure out what I need to request of the site > network team. > > > > Apologies for cluttering up your inboxes! > > > > Rob > > > >> -----Original Message----- > >> From: [email protected] [mailto:[email protected]] > >> Sent: 28 May 2014 09:14 > >> To: [email protected] > >> Subject: [Freeipa-users] Setting up FreeIPA with replicas without DNS > >> > >> Hi all, > >> > >> I am wanting to set up a FreeIPA domain for controlling a group of > >> machines on our network, and want to use replica servers for > >> resilience. However, I do not have control over DNS: our site > >> prefers to use a central DNS service, which I can easily request changes > >> in, > but I don't have flexibility there. > >> > >> I will, at this point, admit to not knowing a great deal about the > >> workings of DNS, so if I am asking dumb questions, please feel free > >> to point me at an RFC, howto or other documentation so I can get > educated. > >> > >> So I am trying to work out the best way to set things up. My initial > >> hunch was that I should get A-records set up to provide a DNS round > >> robin for the service. The problem appears to be that if I install > >> FreeIPA on the servers using their own hostnames, their host > >> certificates won't match the A-record, and if I set up FreeIPA to use > >> the round robin hostname, it just doesn't look right to me. > >> > >> I hope I have managed to explain my situation appropriately. I > >> haven't been able to find documentation to help me with this (I > >> suspect I just need to understand a few different aspects better than > >> I do already), so can someone point me in the right direction, please? > >> > >> Many thanks, > >> Rob > >> -- > >> Scanned by iCritical. > >> > >> _______________________________________________ > >> Freeipa-users mailing list > >> [email protected] > >> https://www.redhat.com/mailman/listinfo/freeipa-users -- Scanned by iCritical. _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
