IPA does not need to have internet access. But if you want to have the IPA server time synchronized, it needs to have access to the NTP server of your choice.
Martin On 11/21/2014 03:00 AM, Rolf Nufable wrote: > I have a new question ( stupid question really ) > is it required for the IPA server to have internet access? cuz thats my only > way to get the time right in my freeipa server.. the timedatectl in fedora20 > while using ntp theres some bugs maybe that every after reboot it doesn't > automatically run,( even with chkconfig on , even the ntpdate service doesn't > run automatically with chkconfig ) > TIA > > On Thursday, November 20, 2014 12:34 AM, Martin Kosek > <mko...@redhat.com> wrote: > > > On 11/20/2014 08:10 AM, Rolf Nufable wrote: >> I've installed freeipa 4.1.1 --setup-dns --no-forwarders so far the >> installation went well .. but I need to configure freeipa server as a >> forwarder right? >> so I used te web UI and added the freeipaserver ip as a forwarder, then I >> rebooted the freeipa server. >> after the reboot I couldn't access the web browser. >> Any idea on how can I fix this?? >> TIA >> >> On Wednesday, November 19, 2014 7:41 PM, Rolf Nufable >> <rolf_16_nufa...@yahoo.com> wrote: >> >> >> I have a quick question Do I need to configure the forwarders of >> freeipa-server 4.1.1 when doing the freeipa-install-server? >> I forgot the reason why I don't need to because my email suddenly deleted >> that message from Martin, and now I can't remember why or how not to include >> a forwarder, and how to add a forwarder manually.. >> TIA > > Forwarders just allows you to configure BIND to forward all requests for zones > it does not manage to specified name server. Normally, this is not required if > DNS is set correctly and BIND can simply get results by querying from top "." > to the required zone (e.g. "example.com."). > > But in internal networks or special deployments, you need to set up the > forwarders, yes. Just make sure they point to some recursive DNS server. More > on this topic in this book for example: > > http://www.zytrax.com/books/dns/ch4/ > > About your problem - it is probably DNS. Check where your resolv.conf is > pointing, check if DNS (named service) is running. Check that IPA is really > running (ipactl status) and you should find where the problem is. > > Martin > > > > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project