On 28.2.2015 04:33, Rob Crittenden wrote:
> Hadoop Solutions wrote:
>> Hi,
>>
>> I am new to IPA and we are planning to deploy IPA one of our hadoop
>> cluster nodes.
>>
>> But, i have question on IPA:
>>
>> 1. we are using corp DNS on all nodes, but still is it required to
>> install IPA DNS server ?
>>
>> 2. Domain name will it conflicts with if any existing domain?
>>
>> ex: Domain name:   corp.abc.com <http://corp.abc.com>
>>
>>
>> Please let me know right way to install without any conflicts with
>> existing IPA like tools.
> 
> IPA just needs a sane, available DNS server. It doesn't need to own it.
> 
> There are some advantages to IPA owning the DNS server but as long as
> you're willing to maintain the records that IPA needs you'll be fine.
> 
> If you plan to ever, maybe, even an outside chance want to integrate
> with an AD server via trust you'll want to pick a unique realm for IPA
> and a separate DNS zone (ipa.corp.example.com). Even without AD doing
> that it can still be a good idea.

I would use stronger words: *Never ever* use conflicting DNS names, just
create new sub-domain.

Conflicts are hard to manage and it will most likely blow up in your face when
DNSSEC validation is enabled (some day in the future).

-- 
Petr^2 Spacek

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to