[Freeipa-users] (no subject)
Dmitri Pal
dpal at redhat.com
Fri Oct 11 16:59:18 UTC 2013
On 10/11/2013 05:22 AM, ?????? ? wrote:
> Good afternoon. In each region, I have a couple of controllers
> (windows and ipa). With the authorization server in the logs ipa (sssd
> log) I find that the request is not for the neighbor by location
> windows server, and randomly throughout the forest. Tell me is there a
> way to explicitly specify the IPA server on windows DC. Logs attached.
> there somewhere documentation about?
I am not quite sure I understand you setup but I will try to give you
some hints.
If you want SSSD to access a specific IPA server or servers you can
define primary and secondary servers explicitly in the SSSD
configuration. See SSSD man pages.
This can also be done via ipa-client-install command line starting IPA
client 3.0 and SSSD 1.9
But that would sort of override the information coming from DNS.
If you are looking for SSSD to support DNS sites then this functionality
is available in SSSD in 1.11 if SSSD is joined directly to AD via AD
provider. If you are looking for the same functionality when SSSD
connects to IPA then it is still on the roadmap because IPA does not
support sites.
https://fedorahosted.org/freeipa/ticket/2008
>
>
> next to the IPA server pk529ad-dc01.sys.local
> IPA server and knocks pk429ad-dc01.sys.local to another region
>
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
--
Thank you,
Dmitri Pal
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20131011/2748d8b6/attachment.htm>
More information about the Freeipa-users
mailing list