[Freeipa-users] New FreeIPA Install; Testing for Proof of Concept

[KodaK]

On Tue, Aug 7, 2012 at 4:48 PM, Rob Ogilvie <rob at axpr.net> wrote:
> I just found this additional log file entries on my IPA server.  The
> vm-mapsdc2 is one of the domain controllers/DNS servers not associated
> with IPA other than being one of our authoritative DNS servers.  Is
> something misconfigured in IPA on the server side?

It's hard to tell with the obfuscation, but is your DOMAIN the same as
the one handled by the domain controller vm-mapsdc2?

You can only have one Kerberos realm named DOMAIN.

For example, if you have the windows domain/Kerb realm MYCOMPANY.COM,
you will not be able to have it coexist with an IPA server controlling
the realm MYCOMPANY.COM.

If it's an oldschool NT type domain you should be OK, but if it's
Active Directory (which uses Kerberos) you can't do it.

-- 
The government is going to read our mail anyway, might as well make it
tough for them.  GPG Public key ID:  B6A1A7C6