[Freeipa-users] Auto create kerberos/ldap SRV records on subdomain
Matt .
yamakasi.014 at gmail.com
Sat Apr 8 22:36:29 UTC 2017
As far as I can find out I need a _ldap._tcp SRV 0 100 389
ipa-01.mydomain.tld. in my subdomain, is there no more "general" way
to catch them all ?
2017-04-08 23:51 GMT+02:00 Matt . <yamakasi.014 at gmail.com>:
> I have tested this but the hosts don't get an enrolled status. I have
> tried _kerberos TXT "MYREAL.DOMAIN.TLD" and without the quotes. I
> can't see any logging about it. Any idea ?
>
> Thanks!
>
> Matt
>
> 2017-04-04 20:50 GMT+02:00 Matt . <yamakasi.014 at gmail.com>:
>> Hi Alexander,
>>
>> Superb, thanks a lot for this quick fix!
>>
>> Matt
>>
>> 2017-04-04 20:48 GMT+02:00 Alexander Bokovoy <abokovoy at redhat.com>:
>>> On ti, 04 huhti 2017, Matt . wrote:
>>>>
>>>> Hi guys,
>>>>
>>>> Is it possible to create in a simple way the SRV domains for kerberos
>>>> on subdomains ? it's a pain to add them all manually when you have a
>>>> lot of subdomains.
>>>>
>>>> I hope someone has a solution.
>>>
>>> Create TXT record _kerberos.sub.domain.tld that contains name of your
>>> Kerberos realm in upper case. For MIT Kerberos clients this is enough to
>>> discover their proper Kerberos realm and DNS domain for SRV record
>>> discovery.
>>>
>>> --
>>> / Alexander Bokovoy
More information about the Freeipa-users
mailing list