[Freeipa-users] Disable ldap dns lookup in freeipa?

Simo Sorce simo at redhat.com
Mon Jun 13 18:31:22 UTC 2011


On Mon, 2011-06-13 at 13:16 -0500, Stamper, Brian P. (ARC-D)[Logyx LLC]
wrote:
> This is a pretty serious problem.  I don't own the name servers for
> this domain.  I don't manage the entirety of the namespace.  I don't
> want SRV entries for my host.  Is there a way to disable the _srv
> lookup?  I found the following thread:
> 
> http://osdir.com/ml/freeipa-users/2011-04/msg00020.html
> 
> Which discusses it a little bit.  Specifying a static list of IPA
> servers is exactly what I want to do.  I'm using 1.2, so I'm not using
> sssd.

I suggest you configure your freeipa installation to use a subdomain
like: ipa.arc.nasa.gov or similar and install the embedded freeipa DNS
server for your tests so that you "own" that zone.

It will be visible only to your server, so you don't have to worry about
"polluting" the organization's DNS namespace, unless you actually ask to
be delegated such a zone :)

Use your regular DNS servers as forwarders, and configure
the /etc/resolv.conf file to point to 127.0.0.1.
It will make your life much easier.

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York



