[Freeipa-users] Setting up FreeIPA with replicas without DNS
rob.harper at stfc.ac.uk
rob.harper at stfc.ac.uk
Wed May 28 08:13:33 UTC 2014
Hi all,
I am wanting to set up a FreeIPA domain for controlling a group of machines on our network, and want to use replica servers for resilience. However, I do not have control over DNS: our site prefers to use a central DNS service, which I can easily request changes in, but I don't have flexibility there.
I will, at this point, admit to not knowing a great deal about the workings of DNS, so if I am asking dumb questions, please feel free to point me at an RFC, howto or other documentation so I can get educated.
So I am trying to work out the best way to set things up. My initial hunch was that I should get A-records set up to provide a DNS round robin for the service. The problem appears to be that if I install FreeIPA on the servers using their own hostnames, their host certificates won't match the A-record, and if I set up FreeIPA to use the round robin hostname, it just doesn't look right to me.
I hope I have managed to explain my situation appropriately. I haven't been able to find documentation to help me with this (I suspect I just need to understand a few different aspects better than I do already), so can someone point me in the right direction, please?
Many thanks,
Rob
--
Scanned by iCritical.
More information about the Freeipa-users
mailing list