Hi Jakub,
Hopefully I’m providing a decent discussion starting point. Is placing the DC into
resolv.conf the typical scenario? Or is it more that this is the Microsoft-recommended
way of doing things, full stop?
For example, I don’t put 8.8.8.8 into my resolver if I want to lookup the
www.google.com A
record. I suspect internal zones at companies are not resolved by adding more and more
lines to the resolv.conf file. I would rather think that corporate computers will
generally point at a corporate DNS server which knows how to delegate AD queries to the AD
servers, and other queries to other servers, and so on. But I could be overly optimistic
after reading the responses on another list (I recently asked this to the bind folks, and
they brought up a lot of interesting points).
https://lists.isc.org/pipermail/bind-users/2014-April/092919.html
Thanks for providing the tutorials. The previous 2008 R2 tutorial was very useful.
V/r,
Bryan
On Apr 10, 2014, at 10:20 AM, Jakub Hrozek <jhrozek(a)redhat.com> wrote:
Hi,
our current HOWTO[1] on connecting SSSD to an AD DC is outdated,
mostly because the page still only introduces the LDAP provider. Recently, me,
Sumit and Jeremy Agee wrote a new page that specifically advises to use
the AD provider and also use realmd for setup:
https://fedorahosted.org/sssd/wiki/Configuring_sssd_with_ad_server
We started a new page and kept the old one around mostly because pre-1.9
versions still need the LDAP provider info.
I'd like to get some review and feedback from our community so we can
link the wiki page from the front page or the documentation section. In
addition to the lists, I also CC-ed the individual contributors to the
original page directly..I hope that's fine.
Thank you for your comments.
[1]
https://fedorahosted.org/sssd/wiki/Configuring%20sssd%20to%20authenticate...
_______________________________________________
sssd-users mailing list
sssd-users(a)lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-users