[Freeipa-users] Replication for sites not using FreeIPA for DNS?

Ian Levesque ian at crystal.harvard.edu
Wed Jan 18 17:17:12 UTC 2012


Hello,

I'm running IPA version 2.1.3-9 on RHEL 6.2 and just configured master/master replication. From what I can tell in the documentation [1], all of the client-discovering-a-replica magic happens via SRV records in DNS. This is quite different from what I'm used to, coming from managing an Open Directory service in which the replicated server's FQDN is passed on to the client through LDAP as an additional LDAP/KDC server to add to the client's local config.

My question is how can I take advantage of replication if we're not using the FreeIPA-blessed DNS server? Do I need to manually tweak the SSSD config to make it aware of a second LDAP/KDC server? Is there a hidden flag I can pass ipa-client-install to do this for me?

Thanks for any insight!
Ian


--
[1] http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html-single/Identity_Management_Guide/index.html#ipa-servers-replicas



