On 25/01/16 12:08, Zeal Vora wrote:
Thanks Petr.

So if the domain is example.com, in DNS, what would be the IP associated
with it ?

As there are 2 master servers, each of them will have different IP address.

On Mon, Jan 25, 2016 at 4:34 PM, Petr Spacek <pspa...@redhat.com> wrote:

On 25.1.2016 10:47, Zeal Vora wrote:
Hi

I have setup a multi-master IPA and it seems to be working fine.

The clients ( laptops and servers ) are not using the DNS of IPA.

I was wondering, while configuring ipa-client, which server do I
reference
to when it asks the ipa-server hostname ?

Both the master server has different hostnames.

master1.example.com  ( Master 1 )
master2.example.com  ( Master 2 )

Specify only --domain option and do not use --server option at all. In will
enable server auto-detection using DNS SRV records and you will not need to
worry about adding/removing servers because all clients will automatically
pick the new list up.

--
Petr^2 Spacek

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project





The '--domain' parameter is for client installer to form DNS request.
Request that is sent is the same as one sent by this command:
dig -t SRV _ldap._tcp.<domain>

It then receiver list of records similar to this one:
100 0 389 <master1-fqdn>
100 0 389 <master2-fqdn>

Installer then goes through the list and checks if it's really FreeIPA server and first one that passes is used. When IP address is needed it can be resolved from the name included in SRV response.

HTH,
--
David Kupka

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to