[Freeipa-users] How to reference to IPA Server in Multi-Master Setup ?

David Kupka dkupka at redhat.com
Mon Jan 25 11:46:36 UTC 2016


On 25/01/16 12:08, Zeal Vora wrote:
> Thanks Petr.
>
> So if the domain is example.com, in DNS, what would be the IP associated
> with it ?
>
> As there are 2 master servers, each of them will have different IP address.
>
> On Mon, Jan 25, 2016 at 4:34 PM, Petr Spacek <pspacek at redhat.com> wrote:
>
>> On 25.1.2016 10:47, Zeal Vora wrote:
>>> Hi
>>>
>>> I have setup a multi-master IPA and it seems to be working fine.
>>>
>>> The clients ( laptops and servers ) are not using the DNS of IPA.
>>>
>>> I was wondering, while configuring ipa-client, which server do I
>> reference
>>> to when it asks the ipa-server hostname ?
>>>
>>> Both master servers have different hostnames.
>>>
>>> master1.example.com  ( Master 1 )
>>> master2.example.com  ( Master 2 )
>>
>> Specify only --domain option and do not use --server option at all. It will
>> enable server auto-detection using DNS SRV records and you will not need to
>> worry about adding/removing servers because all clients will automatically
>> pick the new list up.
>>
>> --
>> Petr^2 Spacek
>>

The '--domain' parameter is for the client installer to form a DNS request.
The request that is sent is the same as the one sent by this command:
dig -t SRV _ldap._tcp.<domain>

It then receives a list of records similar to this one:
100 0 389 <master1-fqdn>
100 0 389 <master2-fqdn>

The installer then goes through the list and checks whether each entry is
really a FreeIPA server, and the first one that passes is used. When an IP
address is needed, it can be resolved from the name included in the SRV response.

HTH,
-- 
David Kupka
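
Added example, not part of the original message and not FreeIPA's installer code: the discovery loop described above, sketched in Python. The sample answer is constructed from the hostnames in the thread; ordering by SRV priority and the is_ipa_server callback are assumptions, since the message does not say how the installer verifies a candidate.

```python
from typing import Callable, List, NamedTuple, Optional


class SrvRecord(NamedTuple):
    priority: int
    weight: int
    port: int
    target: str


# Constructed sample: SRV answer data for _ldap._tcp.example.com,
# one "priority weight port target" record per line.
SAMPLE_ANSWER = """\
100 0 389 master1.example.com.
100 0 389 master2.example.com.
;; a comment or malformed line is skipped
"""


def srv_query_name(domain: str) -> str:
    """Name queried for a given --domain value."""
    return "_ldap._tcp." + domain.strip(".")


def parse_srv_answers(text: str) -> List[SrvRecord]:
    """Parse SRV answer lines, dropping anything that is not a valid record."""
    records = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue
        try:
            priority, weight, port = (int(f) for f in fields[:3])
        except ValueError:
            continue
        target = fields[3].rstrip(".").lower()
        # A target of "." means the service is not offered (RFC 2782).
        if not target or not 0 < port < 65536:
            continue
        records.append(SrvRecord(priority, weight, port, target))
    return records


def pick_server(records: List[SrvRecord],
                is_ipa_server: Callable[[SrvRecord], bool]) -> Optional[SrvRecord]:
    """Return the first candidate that passes the caller's check, or None.

    Assumption: candidates are tried lowest priority value first; weighted
    selection among equal priorities is left out to keep the sketch short.
    """
    for record in sorted(records, key=lambda r: r.priority):
        if is_ipa_server(record):  # hypothetical verification callback
            return record
    return None
```

The name in the SRV answer is only a candidate: the server is used only after the check passes, so a host that fails it (master1 down, or not an IPA server at all) is skipped in favour of the next record.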



