Dmitri,

Thanks for the input, but I tend to think the problem is further down within 
IM.    If it were a pure name misconfiguration
why would it work when IM is shut down and named restarted, with no change to 
the dns records ?

I'll keep monitoring this discussion for further input.

Al

From: freeipa-users-boun...@redhat.com 
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Dmitri Pal
Sent: Thursday, October 02, 2014 5:24 PM
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] named and IpA

On 10/02/2014 01:05 PM, Licause, Al (CSC AMS BCS - UNIX/Linux Network Support) 
wrote:
[cid:part1.05000104.02080200@redhat.com]

We have IdM running on a RHEL V7 system and have configured a local DNS server
in our test lab.

We have loaded the various SRV and TXT records needed by the IdM server.


PROBLEM:

>From the IdM server we can only lookup local records.  The name resolver will 
>not
attempt to look to another other name servers or domains defined in 
/etc/resolv.conf

If I shutdown IdM using ipactl stop and then restart named, the name resolver 
works
for local and remote hosts, addresses and domains as well as serving up the SRV 
records
defined on the local host.

Am I correct in assuming that while IdM is up and running, the only other 
systems it
will communicate with at least with regard to name services is another host also
running IdM defined either as a server or a client ?

If this is case, is there anyone to better integrate some of these common 
services such
as named into an existing network such that you are not limited by the IdM 
components ?


Al Licause



If DNS is running on IdM the DNS lookups might be forwarded to different DNS 
servers depending on your DNS cofiguration.
Based on what you describe it seems that there is some sort of DNS 
misconfiguration.
I would leave to gurus to help you with that.



--

Thank you,

Dmitri Pal



Sr. Engineering Manager IdM portfolio

Red Hat, Inc.
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to