I have tested this but the hosts don't get an enrolled status. I have tried _kerberos TXT "MYREAL.DOMAIN.TLD" and without the quotes. I can't see any logging about it. Any idea ?
Thanks! Matt 2017-04-04 20:50 GMT+02:00 Matt . <yamakasi....@gmail.com>: > Hi Alexander, > > Superb, thanks a lot for this quick fix! > > Matt > > 2017-04-04 20:48 GMT+02:00 Alexander Bokovoy <aboko...@redhat.com>: >> On ti, 04 huhti 2017, Matt . wrote: >>> >>> Hi guys, >>> >>> Is it possible to create in a simple way the SRV domains for kerberos >>> on subdomains ? it's a pain to add them all manually when you have a >>> lot of subdomains. >>> >>> I hope someone has a solution. >> >> Create TXT record _kerberos.sub.domain.tld that contains name of your >> Kerberos realm in upper case. For MIT Kerberos clients this is enough to >> discover their proper Kerberos realm and DNS domain for SRV record >> discovery. >> >> -- >> / Alexander Bokovoy -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project