Re: [Freeipa-users] How to reference to IPA Server in Multi-Master Setup ?

2016-02-15 Thread Petr Spacek
On 26.1.2016 13:18, Zeal Vora wrote:
> Thanks David.
> 
> Generally for Operating systems like Amazon Linux etc which do not have an
> IPA-Client, we generally use SSSD to get things working.
> 
> In such cases, what would be the optimal way to configure the SRV records as
> the --domain parameter won't be present.

Hi,

ipa-client just configures SSSD, so SRV records will work just fine if you
configure it by hand.

Anyway, I would recommend you either to push Amazon to include IPA support in
their distro or to use RHEL/CentOS in AWS.

Petr^2 Spacek

> On Mon, Jan 25, 2016 at 5:16 PM, David Kupka  wrote:
> 
>> On 25/01/16 12:08, Zeal Vora wrote:
>>
>>> Thanks Petr.
>>>
>>> So if the domain is example.com, in DNS, what would be the IP associated
>>> with it ?
>>>
>>> As there are 2 master servers, each of them will have different IP
>>> address.
>>>
>>> On Mon, Jan 25, 2016 at 4:34 PM, Petr Spacek  wrote:
>>>
>>>> On 25.1.2016 10:47, Zeal Vora wrote:
>>>>> Hi
>>>>>
>>>>> I have set up a multi-master IPA and it seems to be working fine.
>>>>>
>>>>> The clients ( laptops and servers ) are not using the DNS of IPA.
>>>>>
>>>>> I was wondering, while configuring ipa-client, which server do I reference
>>>>> to when it asks the ipa-server hostname ?
>>>>>
>>>>> Both the master servers have different hostnames.
>>>>>
>>>>> master1.example.com  ( Master 1 )
>>>>> master2.example.com  ( Master 2 )
>>>>
>>>> Specify only --domain option and do not use --server option at all. It will
>>>> enable server auto-detection using DNS SRV records and you will not need to
>>>> worry about adding/removing servers because all clients will automatically
>>>> pick the new list up.
>>>>
>>>> --
>>>> Petr^2 Spacek
>>>>
>>>> --
>>>> Manage your subscription for the Freeipa-users mailing list:
>>>> https://www.redhat.com/mailman/listinfo/freeipa-users
>>>> Go to http://freeipa.org for more info on the project
>>>
>>>
>> The '--domain' parameter is for client installer to form DNS request.
>> Request that is sent is the same as one sent by this command:
>> dig -t SRV _ldap._tcp.
>>
>> It then receives a list of records similar to this one:
>> 100 0 389 
>> 100 0 389 
>>
>> Installer then goes through the list and checks if it's really FreeIPA
>> server and first one that passes is used. When IP address is needed it can
>> be resolved from the name included in SRV response.
>>
>> HTH,
>> --
>> David Kupka
>>
> 


-- 
Petr^2 Spacek



Re: [Freeipa-users] How to reference to IPA Server in Multi-Master Setup ?

2016-01-26 Thread Zeal Vora
Thanks David.

Generally for Operating systems like Amazon Linux etc which do not have an
IPA-Client, we generally use SSSD to get things working.

In such cases, what would be the optimal way to configure the SRV records as
the --domain parameter won't be present.




On Mon, Jan 25, 2016 at 5:16 PM, David Kupka  wrote:

> On 25/01/16 12:08, Zeal Vora wrote:
>
>> Thanks Petr.
>>
>> So if the domain is example.com, in DNS, what would be the IP associated
>> with it ?
>>
>> As there are 2 master servers, each of them will have different IP
>> address.
>>
>> On Mon, Jan 25, 2016 at 4:34 PM, Petr Spacek  wrote:
>>
>>> On 25.1.2016 10:47, Zeal Vora wrote:
>>>> Hi
>>>>
>>>> I have set up a multi-master IPA and it seems to be working fine.
>>>>
>>>> The clients ( laptops and servers ) are not using the DNS of IPA.
>>>>
>>>> I was wondering, while configuring ipa-client, which server do I reference
>>>> to when it asks the ipa-server hostname ?
>>>>
>>>> Both the master servers have different hostnames.
>>>>
>>>> master1.example.com  ( Master 1 )
>>>> master2.example.com  ( Master 2 )
>>>
>>> Specify only --domain option and do not use --server option at all. It will
>>> enable server auto-detection using DNS SRV records and you will not need to
>>> worry about adding/removing servers because all clients will automatically
>>> pick the new list up.
>>>
>>> --
>>> Petr^2 Spacek
>>>
>>>
>>>
>>
>>
>>
> The '--domain' parameter is for client installer to form DNS request.
> Request that is sent is the same as one sent by this command:
> dig -t SRV _ldap._tcp.
>
> It then receives a list of records similar to this one:
> 100 0 389 
> 100 0 389 
>
> Installer then goes through the list and checks if it's really FreeIPA
> server and first one that passes is used. When IP address is needed it can
> be resolved from the name included in SRV response.
>
> HTH,
> --
> David Kupka
>

Re: [Freeipa-users] How to reference to IPA Server in Multi-Master Setup ?

2016-01-25 Thread Petr Spacek
On 25.1.2016 10:47, Zeal Vora wrote:
> Hi
> 
> I have set up a multi-master IPA and it seems to be working fine.
> 
> The clients ( laptops and servers ) are not using the DNS of IPA.
> 
> I was wondering, while configuring ipa-client, which server do I reference
> to when it asks the ipa-server hostname ?
> 
> Both the master servers have different hostnames.
> 
> master1.example.com  ( Master 1 )
> master2.example.com  ( Master 2 )

Specify only --domain option and do not use --server option at all. It will
enable server auto-detection using DNS SRV records and you will not need to
worry about adding/removing servers because all clients will automatically
pick the new list up.

-- 
Petr^2 Spacek



Re: [Freeipa-users] How to reference to IPA Server in Multi-Master Setup ?

2016-01-25 Thread Zeal Vora
Thanks Petr.

So if the domain is example.com, in DNS, what would be the IP associated
with it ?

As there are 2 master servers, each of them will have different IP address.

On Mon, Jan 25, 2016 at 4:34 PM, Petr Spacek  wrote:

> On 25.1.2016 10:47, Zeal Vora wrote:
> > Hi
> >
> > I have set up a multi-master IPA and it seems to be working fine.
> >
> > The clients ( laptops and servers ) are not using the DNS of IPA.
> >
> > I was wondering, while configuring ipa-client, which server do I reference
> > to when it asks the ipa-server hostname ?
> >
> > Both the master servers have different hostnames.
> >
> > master1.example.com  ( Master 1 )
> > master2.example.com  ( Master 2 )
>
> Specify only --domain option and do not use --server option at all. It will
> enable server auto-detection using DNS SRV records and you will not need to
> worry about adding/removing servers because all clients will automatically
> pick the new list up.
>
> --
> Petr^2 Spacek
>

Re: [Freeipa-users] How to reference to IPA Server in Multi-Master Setup ?

2016-01-25 Thread Petr Spacek
On 25.1.2016 12:08, Zeal Vora wrote:
> Thanks Petr.
> 
> So if the domain is example.com, in DNS, what would be the IP associated
> with it ?
> 
> As there are 2 master servers, each of them will have different IP address.

Please see following text about DNS SRV records:
https://en.wikipedia.org/wiki/SRV_record

I hope it helps.

Petr^2 Spacek

> 
> On Mon, Jan 25, 2016 at 4:34 PM, Petr Spacek  wrote:
> 
>> On 25.1.2016 10:47, Zeal Vora wrote:
>>> Hi
>>>
>>> I have set up a multi-master IPA and it seems to be working fine.
>>>
>>> The clients ( laptops and servers ) are not using the DNS of IPA.
>>>
>>> I was wondering, while configuring ipa-client, which server do I reference
>>> to when it asks the ipa-server hostname ?
>>>
>>> Both the master servers have different hostnames.
>>>
>>> master1.example.com  ( Master 1 )
>>> master2.example.com  ( Master 2 )
>>
>> Specify only --domain option and do not use --server option at all. It will
>> enable server auto-detection using DNS SRV records and you will not need to
>> worry about adding/removing servers because all clients will automatically
>> pick the new list up.
>>
>> --
>> Petr^2 Spacek



Re: [Freeipa-users] How to reference to IPA Server in Multi-Master Setup ?

2016-01-25 Thread David Kupka

On 25/01/16 12:08, Zeal Vora wrote:
> Thanks Petr.
>
> So if the domain is example.com, in DNS, what would be the IP associated
> with it ?
>
> As there are 2 master servers, each of them will have different IP address.
>
> On Mon, Jan 25, 2016 at 4:34 PM, Petr Spacek  wrote:
>
>> On 25.1.2016 10:47, Zeal Vora wrote:
>>> Hi
>>>
>>> I have set up a multi-master IPA and it seems to be working fine.
>>>
>>> The clients ( laptops and servers ) are not using the DNS of IPA.
>>>
>>> I was wondering, while configuring ipa-client, which server do I reference
>>> to when it asks the ipa-server hostname ?
>>>
>>> Both the master servers have different hostnames.
>>>
>>> master1.example.com  ( Master 1 )
>>> master2.example.com  ( Master 2 )
>>
>> Specify only --domain option and do not use --server option at all. It will
>> enable server auto-detection using DNS SRV records and you will not need to
>> worry about adding/removing servers because all clients will automatically
>> pick the new list up.
>>
>> --
>> Petr^2 Spacek

The '--domain' parameter is for client installer to form DNS request.
Request that is sent is the same as one sent by this command:
dig -t SRV _ldap._tcp.

It then receives a list of records similar to this one:
100 0 389 
100 0 389 

Installer then goes through the list and checks if it's really FreeIPA 
server and first one that passes is used. When IP address is needed it 
can be resolved from the name included in SRV response.


HTH,
--
David Kupka
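
The lookup described in the message above, as an added example that is not part of the thread or of FreeIPA's installer code: it orders an SRV answer by priority and weight and returns the first candidate that passes a check. The sample answer, the function names and the `in_domain` check (a hypothetical stand-in for the installer's own server verification, which the thread does not detail) are assumptions; ordering by weight is a deterministic simplification of RFC 2782's weighted selection.

```shell
#!/bin/sh
# Added example (not FreeIPA code): walk a DNS SRV answer in client order.
# Input lines use the `dig +short -t SRV` layout: priority weight port target.

# Constructed sample answer; hostnames are the thread's example masters plus
# one out-of-domain target to show a candidate being rejected.
SAMPLE_SRV='10 50 389 master2.example.com.
0 100 389 ldap.other.test.
not an srv record
0 20 389 master1.example.com.'

# Print "host port" per record: lowest priority first, then highest weight.
# Lines that are not four fields with numeric priority/weight/port are dropped.
srv_candidates() {
    awk 'NF == 4 && $1 ~ /^[0-9]+$/ && $2 ~ /^[0-9]+$/ && $3 ~ /^[0-9]+$/ {
             sub(/\.$/, "", $4)      # strip the trailing root dot
             print $1, $2, $3, $4
         }' |
    sort -k1,1n -k2,2nr |
    awk '{ print $4, $3 }'
}

# Hypothetical check: accept only targets inside the expected DNS domain.
# Usage: in_domain DOMAIN HOST PORT
in_domain() {
    case "$2" in
        *."$1") return 0 ;;
        *)      return 1 ;;
    esac
}

# Read "host port" lines and print the first one the check command accepts.
# The check is called as: CHECK [ARGS...] HOST PORT. Returns 1 if none passes.
first_usable() {
    while read -r host port; do
        if "$@" "$host" "$port" </dev/null; then
            printf '%s %s\n' "$host" "$port"
            return 0
        fi
    done
    return 1
}

# Demo on the constructed sample. Against live DNS the input would be:
#   dig +short -t SRV _ldap._tcp.example.com
printf '%s\n' "$SAMPLE_SRV" | srv_candidates | first_usable in_domain example.com
```
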
