[Freeipa-users] Re: Query about the configuration on the High Availability of the FreeIPA

12 Jun 2017


      Hello
Try to run below commands on your IPA client & point resolv.conf to
IPA server & IPA client
# dig srv _ldap._tcp.dataservice.net
# dig srv _kerberos._tcp.dataservice.net
# dig srv _kpasswd._tcp.dataservice.net
If they return your IPA servers, It can automatically figure out your
IPA servers using DNS resolver
Regards
Arpit Tolani
On Mon, Jun 12, 2017 at 4:17 PM, wenxing zheng wenxing.zheng@gmail.com wrote:
...
I setup a IPA server: freeipa-server and a replica: freeipa-replica, both
with embedded DNS. I have 2 server addresses: freeipa-server.dataservice.net
and freeipa-replica.dataservice.net.
When I am configuring the IPA client using the ipa-client-install, how to
specify the "--server" option? or it can automatically figure out the server
via the DNS resolver?
Thanks, Wenxing
On Mon, Jun 12, 2017 at 6:36 PM, Arpit Tolani arpittolani@gmail.com wrote:
...
Hello
...
Can you help to shed more lights on how to configure the SRV records for
auto discovery?
When ipa-server is setup with embedded DNS (using --setup-dns ) SRV
records are automatically added in IPA.
If its external DNS server, You need to add records something like
this in your DNS server.
_ldap._tcp.example.com. 86400   IN      SRV     0 100 389
ipaserver1.example.com.
_kerberos._tcp.example.com. 86400 IN    SRV     0 100 88
ipaserver1.example.com.
_kerberos._udp.example.com. 86400 IN    SRV     0 100 88
ipaserver1.example.com.
_kpasswd._tcp.example.com. 86400 IN     SRV     0 100 464
ipaserver1.example.com.
_kpasswd._udp.example.com. 86400 IN     SRV     0 100 464
ipaserver1.example.com.
After this client will auto discover IPA server which is providing
LDAP & Kerberos information.
Regards
Arpit Tolani
-- 
Thanks & Regards
Arpit Tolani

2025

2024

2023

2022

2021

2020

2019

2018

2017

[Freeipa-users] Re: Query about the configuration on the High Availability of the FreeIPA