On 23.4.2015 16:04, Harald Dunkel wrote: > Hi folks, > > I am very new to freeipa, so hopefully its allowed to ask: > I need a single realm EXAMPLE.COM and DNS zones for example.com , > develop.example.com, sales.example.com, etc. freeipa makes it > easy to create a subdomain using > > ipa dnszone-add a.example.com > ipa dnszone-mod a.example.com --dynamic-update=TRUE > > but it appears that all these fancy _ldap._tcp, _kerberos ._tcp > etc. records are not generated. Is this on purpose? Is a client > foo.a.example.com supposed to look for _ldap._tcp.example.com, > if _ldap._tcp.a.example.com cannot be found? > > The code for creating these basic entries must be somewhere in > freeipa, so I wonder if I missed to recognize some command line > options here? > > Is this setup something that freeipa (4.0.5) can handle at > all?
Hello! FreeIPA should automatically create _kerberos TXT record for you and clients should use this record to find the main FreeIPA DNS domain. That should be enough for standard-compliant clients, you do not need to worry about it. Have a nice day! -- Petr^2 Spacek -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
