[Freeipa-users] 6.1 beta
Stephen Gallagher
sgallagh at redhat.com
Mon Apr 4 19:36:44 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 04/04/2011 03:06 PM, Dmitri Pal wrote:
> On 04/04/2011 03:01 PM, Sigbjorn Lie wrote:
>>
>> I also noticed that in /etc/sssd/sssd.conf the ipa server is specified
>> with:
>> ipa_server = _srv_, ipa01.ix.test.com
>>
>> sssd doesn't resolve anything from IPA until I remove "_srv_,"
>>
>
> Stephen, was there a recent bug on this matter in SSSD?
>
The purpose of _srv_ is to check DNS for IPA server addresses first. The
idea is that if you have more than one IPA server in service, then you
can use DNS to list all of them. Otherwise, the ipa-client-install can
only specify a static list of servers at the time of install. This would
mean that if the IPA servers changed IP addresses or new ones entered
production, it would be necessary to change all of the client
configuration files.
I'm puzzled why you would need to remove this, unless your DNS server is
returning something other than FreeIPA servers for a SRV request
directed at _ldap.tcp
- --
Stephen Gallagher
RHCE 804006346421761
Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk2aHcsACgkQeiVVYja6o6Pj1wCdFscY1K0TAohkhClctipBSFbJ
kHcAnAkeZkrRRGcalwHy/56dxA7nVQVS
=nxbk
-----END PGP SIGNATURE-----
More information about the Freeipa-users
mailing list