On 21.8.2014 06:17, Les Stott wrote:
Hi All,

Am about to start rolling out clinet installs on rhel6 hosts with dns 

Enviroment: rhel6, ipa-3.0.0-37.el6.

I already have setup SRV records for Kerberos and ldap etc.

Are the following ntp records as SRV records necessary also?

Technically not but they are highly recommended (assuming that your IPA servers are running a NTP server).

;ntp server
_ntp._udp               IN SRV 0 100 123        ntp1.mydomain.com.
_ntp._udp               IN SRV 0 100 123        ntp2.mydomain.com.

I've seen some guides that don't reference them, others that do. I don't see 
any adverse effects on the two freeipa servers (master + replica) that are 
currently running without the ntp srv records.

The adverse effect will probably manifest on client side. Things (Kerberos :-) will break if time on client is too far away from time on server.

Petr^2 Spacek

Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project

Reply via email to