Hello
I am sorry, I am not sure but if your client hostname is within
correct domain, I think you dont need to give domain & realm.
like your IPA domain & realm is
, I think it will take it automatically,
Someone else can confirm.
Please test this locally.
Regards
Arpit Tolani
On Mon, Jun 12, 2017 at 4:25 PM, wenxing zheng <wenxing.zheng(a)gmail.com> wrote:
so we can safely ignore the --server option for the
ipa-client-install? but
the --domain and --realm are mandatory?
Many thanks to Arpit.
On Mon, Jun 12, 2017 at 6:51 PM, Arpit Tolani <arpittolani(a)gmail.com> wrote:
>
> Hello
>
> Try to run below commands on your IPA client & point resolv.conf to
> IPA server & IPA client
>
> # dig srv
_ldap._tcp.dataservice.net
> # dig srv
_kerberos._tcp.dataservice.net
> # dig srv
_kpasswd._tcp.dataservice.net
>
>
> If they return your IPA servers, It can automatically figure out your
> IPA servers using DNS resolver
>
>
> Regards
> Arpit Tolani
>
> On Mon, Jun 12, 2017 at 4:17 PM, wenxing zheng <wenxing.zheng(a)gmail.com>
> wrote:
> > I setup a IPA server: freeipa-server and a replica: freeipa-replica,
> > both
> > with embedded DNS. I have 2 server addresses:
> >
freeipa-server.dataservice.net
> > and
freeipa-replica.dataservice.net.
> >
> > When I am configuring the IPA client using the ipa-client-install, how
> > to
> > specify the "--server" option? or it can automatically figure out the
> > server
> > via the DNS resolver?
> >
> > Thanks, Wenxing
> >
> > On Mon, Jun 12, 2017 at 6:36 PM, Arpit Tolani <arpittolani(a)gmail.com>
> > wrote:
> >>
> >> Hello
> >>
> >> > Can you help to shed more lights on how to configure the SRV records
> >> > for
> >> > auto discovery?
> >> >
> >>
> >> When ipa-server is setup with embedded DNS (using --setup-dns ) SRV
> >> records are automatically added in IPA.
> >>
> >> If its external DNS server, You need to add records something like
> >> this in your DNS server.
> >>
> >>
_ldap._tcp.example.com. 86400 IN SRV 0 100 389
> >>
ipaserver1.example.com.
> >>
_kerberos._tcp.example.com. 86400 IN SRV 0 100 88
> >>
ipaserver1.example.com.
> >>
_kerberos._udp.example.com. 86400 IN SRV 0 100 88
> >>
ipaserver1.example.com.
> >>
_kpasswd._tcp.example.com. 86400 IN SRV 0 100 464
> >>
ipaserver1.example.com.
> >>
_kpasswd._udp.example.com. 86400 IN SRV 0 100 464
> >>
ipaserver1.example.com.
> >>
> >> After this client will auto discover IPA server which is providing
> >> LDAP & Kerberos information.
> >>
> >>
> >> Regards
> >> Arpit Tolani
> >
> >
>
>
>
> --
> Thanks & Regards
> Arpit Tolani