[Freeipa-users] New FreeIPA Install; Testing for Proof of Concept
Rob Ogilvie
rob at axpr.net
Wed Aug 8 20:48:24 UTC 2012
On Wed, Aug 8, 2012 at 12:31 PM, Simo Sorce <simo at redhat.com> wrote:
> Unlike AD we do not force all client to be positioned in the same DNS
> zone, however if you have clients not belonging to the same DNS domain
> you may have to change the krb5.conf file on all members of the realm to
> add additional [domain_realm] mappings so that you can tell that clients
> in zone foo.net are also to be looked for in the UNIX.MYDOMAIN.COM realm
> and its KDC.
I just, as a test, with no DNS set up for this, ran things with DNS
being mycompany.com, and the IPA domain being set up as
ovm.mycompany.com and realm of OVM.MYCOMPANY.COM, and everything
appears to be working great. The only piece is the ipa-client-install
needs to specify the (non-DNS) domain, realm, and server, but that's
no problem for me at all...
Any thoughts about problems I might see?
Rob
More information about the Freeipa-users
mailing list