I have done a simple verification without the option "--server" with
embedded DNS, it works.
Thanks to all
On Mon, Jun 12, 2017 at 7:00 PM, Arpit Tolani <arpittolani(a)gmail.com> wrote:
Hello
I am sorry, I am not sure but if your client hostname is within
correct domain, I think you don't need to give domain & realm.
like your IPA domain & realm is dataservice.net & your client hostname
is system2.dataservice.net, I think it will take it automatically,
Someone else can confirm.
Please test this locally.
Regards
Arpit Tolani
On Mon, Jun 12, 2017 at 4:25 PM, wenxing zheng <wenxing.zheng(a)gmail.com> wrote:
> so we can safely ignore the --server option for the ipa-client-install? but
> the --domain and --realm are mandatory?
>
> Many thanks to Arpit.
>
> On Mon, Jun 12, 2017 at 6:51 PM, Arpit Tolani <arpittolani(a)gmail.com> wrote:
>>
>> Hello
>>
>> Try to run below commands on your IPA client & point resolv.conf to
>> IPA server & IPA client
>>
>> # dig srv _ldap._tcp.dataservice.net
>> # dig srv _kerberos._tcp.dataservice.net
>> # dig srv _kpasswd._tcp.dataservice.net
>>
>>
>> If they return your IPA servers, it can automatically figure out your
>> IPA servers using DNS resolver
>>
>>
>> Regards
>> Arpit Tolani
>>
>> On Mon, Jun 12, 2017 at 4:17 PM, wenxing zheng <wenxing.zheng(a)gmail.com>
>> wrote:
>> > I set up an IPA server: freeipa-server and a replica: freeipa-replica,
>> > both with embedded DNS. I have 2 server addresses:
>> > freeipa-server.dataservice.net and freeipa-replica.dataservice.net.
>> >
>> > When I am configuring the IPA client using the ipa-client-install, how
>> > to specify the "--server" option? or it can automatically figure out the
>> > server via the DNS resolver?
>> >
>> > Thanks, Wenxing
>> >
>> > On Mon, Jun 12, 2017 at 6:36 PM, Arpit Tolani <arpittolani(a)gmail.com>
>> > wrote:
>> >>
>> >> Hello
>> >>
>> >> > Can you help to shed more lights on how to configure the SRV records
>> >> > for auto discovery?
>> >> >
>> >>
>> >> When ipa-server is setup with embedded DNS (using --setup-dns ) SRV
>> >> records are automatically added in IPA.
>> >>
>> >> If it's external DNS server, you need to add records something like
>> >> this in your DNS server.
>> >>
>> >>
>> >> _ldap._tcp.example.com. 86400 IN SRV 0 100 389 ipaserver1.example.com.
>> >> _kerberos._tcp.example.com. 86400 IN SRV 0 100 88 ipaserver1.example.com.
>> >> _kerberos._udp.example.com. 86400 IN SRV 0 100 88 ipaserver1.example.com.
>> >> _kpasswd._tcp.example.com. 86400 IN SRV 0 100 464 ipaserver1.example.com.
>> >> _kpasswd._udp.example.com. 86400 IN SRV 0 100 464 ipaserver1.example.com.
>> >>
>> >> After this client will auto discover IPA server which is providing
>> >> LDAP & Kerberos information.
>> >>
>> >>
>> >> Regards
>> >> Arpit Tolani
>> >
>> >
>>
>>
>>
>> --
>> Thanks & Regards
>> Arpit Tolani
>
>
--
Thanks & Regards
Arpit Tolani
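
Added example, not part of the original thread or of FreeIPA: a pre-enrollment check that the five SRV records listed above are all present, use the ports shown, and point at hosts inside the IPA domain. The helper name check_ipa_srv, the finding labels, and the rule that servers must sit inside the domain are assumptions of this sketch; the sample records are constructed from the ones quoted in the thread.

```shell
#!/bin/sh
# Added example; check_ipa_srv is a hypothetical helper, not a FreeIPA tool.
# stdin: SRV answer lines as printed by `dig +noall +answer srv <name>`:
#   name TTL IN SRV priority weight port target
# Prints one finding per line and returns non-zero if anything is wrong.
# Live use: pipe the dig answers for each name into check_ipa_srv <domain>.
check_ipa_srv() {
    awk -v d="$1" '
    BEGIN {
        # Service labels and ports as listed in the thread.
        want["_ldap._tcp"] = 389
        want["_kerberos._tcp"] = 88; want["_kerberos._udp"] = 88
        want["_kpasswd._tcp"] = 464; want["_kpasswd._udp"] = 464
        suffix = "." tolower(d) "."
    }
    $3 == "IN" && $4 == "SRV" && NF == 8 {
        name = tolower($1); target = tolower($8)
        for (s in want) {
            if (name != s suffix) continue
            seen[s] = 1
            if ($7 + 0 != want[s]) { print "BADPORT", s, $7; bad = 1 }
            # Assumption of this check: IPA servers live inside the domain.
            tail = substr(target, length(target) - length(suffix) + 1)
            if (length(target) <= length(suffix) || tail != suffix) {
                print "FOREIGN", s, target; bad = 1
            }
        }
    }
    END {
        for (s in want) if (!(s in seen)) { print "MISSING", s; bad = 1 }
        exit bad + 0
    }'
}

# Constructed sample mirroring the records quoted in the thread.
sample='_ldap._tcp.example.com. 86400 IN SRV 0 100 389 ipaserver1.example.com.
_kerberos._tcp.example.com. 86400 IN SRV 0 100 88 ipaserver1.example.com.
_kerberos._udp.example.com. 86400 IN SRV 0 100 88 ipaserver1.example.com.
_kpasswd._tcp.example.com. 86400 IN SRV 0 100 464 ipaserver1.example.com.
_kpasswd._udp.example.com. 86400 IN SRV 0 100 464 ipaserver1.example.com.'
if printf '%s\n' "$sample" | check_ipa_srv example.com; then
    echo "SRV records complete for example.com"
fi
```

Because the client trusts whatever the resolver returns for these names, a FOREIGN or BADPORT finding is worth resolving before running ipa-client-install without --server.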