On 08/21/2014 12:17 AM, Les Stott wrote:
>
> Hi All,
>
>  
>
> Am about to start rolling out clinet installs on rhel6 hosts with dns
> autodiscovery.
>
>  
>
> Enviroment: rhel6, ipa-3.0.0-37.el6.
>
>  
>
> I already have setup SRV records for Kerberos and ldap etc.
>
>  
>
> Are the following ntp records as SRV records necessary also?
>
>  
>
> ;ntp server
>
> _ntp._udp               IN SRV 0 100 123        ntp1.mydomain.com.
>
> _ntp._udp               IN SRV 0 100 123        ntp2.mydomain.com.
>
>  
>
> I’ve seen some guides that don’t reference them, others that do. I
> don’t see any adverse effects on the two freeipa servers (master +
> replica) that are currently running without the ntp srv records.
>
>  
>
> Thanks in advance,
>
>  
>
> Regards,
>
>  
>
> Les
>
>  
>
>
>
*ipa-client-install* and *ipa-server-install* use them to sync time
before they proceed to crypto operations, but they're not strictly
required, especially if time is already in sync.  If the records are not
available they attempt to sync directly with the IPA server, failing
that they will throw a warning and continue.  Microsoft has also been
adding support for them to a lot of their AD-connected mobile software,
but I think they too use it as a convenience, not a requirement.

--  
-----
*question everything*learn something*answer nothing*
------------
Lucas Yamanishi
------------------
Systems Administrator, ADNET Systems, Inc.
NASA Space and Earth Science Data Analysis (606.9)
7515 Mission Drive, Suite A100
Lanham, MD 20706 * 301-352-4646 * 0xD354B2CB

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to