[Freeipa-users] integrated DNS vs external DNS

Martin Basti mbasti at redhat.com
Thu Feb 23 15:21:34 UTC 2017


Hello,

comments inline


On 23.02.2017 15:07, Iulian Roman wrote:
> Despite reading the FreeIPA and Red Hat IdM documentation regarding
> DNS, it is still unclear to me if and when integrated DNS is
> mandatory. We do have an environment with a pretty complex DNS setup,
> which has been in place for years, and there are no plans to change it.

Integrated DNS is not mandatory at all. Without IPA DNS you have to
manage all IPA system records manually on the external DNS.

>
> If I understood correctly from the documentation, integrated DNS is
> mandatory for configuring AD trust. Is that correct?
No, it is not needed for AD trust; you need to add additional DNS records.

>
> Can the integrated DNS be configured as forward only? Do the clients
> need to have IPA DNS as a resolver, or can they just use the existing
> DNS server?
You don't need to install IPA DNS.

All records IPA needs can be received from the command
`ipa dns-update-system-records --dry-run` (IPA 4.4+).


Martin
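
An added example, not part of the original message or of FreeIPA: one way to check that an external DNS server carries every record from the dry-run listing, by diffing that listing against `dig +noall +answer` output collected from the external server. The sample data is constructed, and it assumes the dry run prints zone-file style lines (`name ttl IN type rdata`); the function names are hypothetical.

```python
import re

# Zone-file style line: <name> <ttl> IN <type> <rdata>
RECORD = re.compile(r"^\s*(\S+)\s+\d+\s+IN\s+(\S+)\s+(.+?)\s*$", re.IGNORECASE)

def parse_records(text):
    """Return {(name, type, rdata)} from zone-file style lines, ignoring TTL."""
    records = set()
    for line in text.splitlines():
        m = RECORD.match(line)
        if not m:
            continue  # header lines, blanks, anything that is not a record
        name, rtype, rdata = m.groups()
        rtype = rtype.upper()
        rdata = " ".join(rdata.split())   # collapse tabs and repeated spaces
        if rtype == "TXT":
            rdata = rdata.strip('"')      # realm is case-sensitive: keep case
        else:
            rdata = rdata.lower()         # host names compare case-insensitively
        records.add((name.lower(), rtype, rdata))
    return records

def missing_records(required_text, external_text):
    """Records IPA needs that the external DNS answers do not contain."""
    return sorted(parse_records(required_text) - parse_records(external_text))

# Constructed sample in the assumed shape of the dry-run listing.
REQUIRED = """\
IPA DNS records:
  _kerberos-master._tcp.example.test. 86400 IN SRV 0 100 88 ipa1.example.test.
  _kerberos._tcp.example.test. 86400 IN SRV 0 100 88 ipa1.example.test.
  _kerberos.example.test. 86400 IN TXT "EXAMPLE.TEST"
  _ldap._tcp.example.test. 86400 IN SRV 0 100 389 ipa1.example.test.
"""

# Constructed `dig +noall +answer` output gathered from the external server.
EXTERNAL = """\
_kerberos._tcp.example.test.\t3600\tIN\tSRV\t0 100 88 IPA1.example.test.
_ldap._tcp.example.test.\t3600\tIN\tSRV\t0 100 389 ipa1.example.test.
_kerberos.example.test.\t3600\tIN\tTXT\t"example.test"
"""

if __name__ == "__main__":
    for name, rtype, rdata in missing_records(REQUIRED, EXTERNAL):
        print(f"missing: {name} IN {rtype} {rdata}")
```

With the sample data, the check flags the absent `_kerberos-master` SRV record and the realm TXT record whose value has the wrong case.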