As far as I can find out I need a _ldap._tcp SRV 0 100 389
ipa-01.mydomain.tld. in my subdomain, is there no more "general" way
to catch them all ?
2017-04-08 23:51 GMT+02:00 Matt . <yamakasi....@gmail.com>:
> I have tested this but the hosts don't get an enrolled status. I have
> tried _kerberos TXT "MYREAL.DOMAIN.TLD" and without the quotes. I
> can't see any logging about it. Any idea ?
> 2017-04-04 20:50 GMT+02:00 Matt . <yamakasi....@gmail.com>:
>> Hi Alexander,
>> Superb, thanks a lot for this quick fix!
>> 2017-04-04 20:48 GMT+02:00 Alexander Bokovoy <aboko...@redhat.com>:
>>> On ti, 04 huhti 2017, Matt . wrote:
>>>> Hi guys,
>>>> Is it possible to create in a simple way the SRV domains for kerberos
>>>> on subdomains ? it's a pain to add them all manually when you have a
>>>> lot of subdomains.
>>>> I hope someone has a solution.
>>> Create TXT record _kerberos.sub.domain.tld that contains name of your
>>> Kerberos realm in upper case. For MIT Kerberos clients this is enough to
>>> discover their proper Kerberos realm and DNS domain for SRV record
>>> / Alexander Bokovoy
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project