On 1.6.2015 10:56, Innes, Duncan wrote:
> We don't have access to the _SRV_ records as the AD domain controls
> that, so we had to hard code the main and failover servers on the

Side note:
It sounds that your FreeIPA setup is using the same domain name as AD realm.
This is directly against
http://www.freeipa.org/page/Deployment_Recommendations#DNS
and will cause pain moving forward as AD Trusts and DNSSEC validation will be
impossible.

Please follow
http://www.freeipa.org/page/Deployment_Recommendations
for the next deployment :-)

-- 
Petr^2 Spacek

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to