On 1.6.2015 10:56, Innes, Duncan wrote: > We don't have access to the _SRV_ records as the AD domain controls > that, so we had to hard code the main and failover servers on the
Side note: It sounds that your FreeIPA setup is using the same domain name as AD realm. This is directly against http://www.freeipa.org/page/Deployment_Recommendations#DNS and will cause pain moving forward as AD Trusts and DNSSEC validation will be impossible. Please follow http://www.freeipa.org/page/Deployment_Recommendations for the next deployment :-) -- Petr^2 Spacek -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
