On Thu, Jun 15, 2017 at 06:39:30AM -0000, Rishat Teregulov wrote:
Is there any way to fully disable dns server lookup
Just set the ad_server option:
ad_server, ad_backup_server (string)
The comma-separated list of hostnames of the AD servers to which SSSD should
connect in order of preference. For more information on failover and server redundancy,
see the “FAILOVER” section.
This is optional if autodiscovery is enabled. For more information on service
discovery, refer to the “SERVICE DISCOVERY” section.
Note: Trusted domains will always auto-discover servers even if the primary
server is explicitly defined in the ad_server option.
or set different dns server for service discovery (like dyndns_server
string, but just dns_server string) ?
No, sorry, this is not possible.
I tried to set all parameters in krb5.conf and sssd.conf for server,
but it still try to dns lookup.
For the joined domain or trusted domain?