Hi, I'm currently evaluating a couple of options to migrate our dated OpenLDAP installation to a more up2date, maintainable and and user friendly solution.
One of the possibilities I found is of course FreeIPA and I hope this is the right place to as couple of basic questions, in order to get a better understanding if FreeIPA can meet our requirements. Our current setup looks like this: OpenLDAP used as storage for user, DHCP and DNS information: #1 users are either regular Unix (Linux, FreeBSD) shell users #2 or they are users accessing our mail services (dovecot/postfix) #3 (a low number of) certificates are currently handled by TinyCA #4 DHCP is handled by multiple, distributed ISC DHCP servers, configured to pull their configuration from OpenLDAP (network definitions, routers, NTP servers, MAC addresses etc.) #5 DNS is handled by multiple, distributed PowerDNS instances, which again retrieve their DNS data from OpenLDAP As far as I can understand, FreeIPA can easily handle #1, #2 and #3. But what about DHCP and DNS? I understand that FreeIPA's backbone is the 389 DS. I guess migrating our DHCP DIT into 389 is doable, but what about administration of those entries? Can this be done by FreeIPA? Regarding DHCP, all I found were some older documents describing intentions to implement it [1], but I'm uncertain if that ever happened. Regarding DNS, I am aware that FreeIPA comes with bind, but if possible, I'd really like to stay with PowerDNS. Is that possible? And if not, how tightly integrated is bind into FreeIPA? One mandatory requirement is that we need to have multiple, geographically distributed nameservers that hold various amounts of DNS data (currently determined by LDAP filters). I of course understand that bind is perfectly capable of doing this, but depending on the level of integration between FreeIPA and bind, I'm not exactly sure how "easy" this can be done. Thanks in advance Udo [1] https://pagure.io/freeipa/issue/939 -- Udo Rader, GF/CEO BestSolution.at EDV Systemhaus GmbH Eduard-Bodem-Gasse 5-7, A-6020 Innsbruck http://www.bestsolution.at/ Reg. Nr. FN 222302s am Firmenbuchgericht Innsbruck
signature.asc
Description: This is a digitally signed message part
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
