[Freeipa-users] Disable ldap dns lookup in freeipa?
Stamper, Brian P. (ARC-D)[Logyx LLC]
brian.p.stamper at nasa.gov
Mon Jun 13 20:08:34 UTC 2011
I understand that, what I'm asking is "Is --server required to be configured somewhere for 'normal' ipa use?" I can use -server on the command line. It also seems I can choose to disable SRV lookups when doing ipa-client-install after the SRV lookup fails. Is there anywhere else that I need to configure it? I guess I assumed that if ipa-finduser does a SRV lookup that just using ipa for authentication would also do a SRV lookup. Is that not the case?
-brian
On 6/13/11 1:00 PM, "Stephen Gallagher" <sgallagh at redhat.com> wrote:
On Mon, 2011-06-13 at 14:54 -0500, Stamper, Brian P. (ARC-D)[Logyx LLC]
wrote:
>
> Ok, that's perfect for testing. But when I'm actually using ipa, does
> it do this SRV lookup? With -server specificed, ipa-finduser takes
> between .5 and .85 seconds, which is great.
The reason for this is so that ipa can auto-detect which server is
available or least-loaded. With the DNS-based SRV records, it can easily
load-balance between replicas. If you're not using replicas and DNS, you
should use the --server option.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20110613/0244ca41/attachment.htm>
More information about the Freeipa-users
mailing list