On Sat, 2014-06-07 at 18:49 +0100, John Hodrien wrote: > On 7 Jun 2014 18:38, steve <[email protected]> wrote: > > Hi > > Thanks. > > Yes, same here. Even though bind allows the signed updates from sssd, we > > don't need them. We can authenticate using sssd no matter what IP is > > assigned and no matter what is stored in AD. Maybe the ddns requirement > > could be removed from the default ad-backend? > > You can hijack a keytab from another machine and use it for sssd, so correct > DNS really doesn't matter for pure sssd operation. You'll only cause bother > for things using kerberos auth as a service (say samba/http/NFS/SSH), which > if you like such things is a big deal.
It doesn't seem to matter either. sssd autofs cifs works fine irrespective of dns. _______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
