-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 06/08/2010 07:13 AM, Konstantin Kozlov wrote: > I've installed everything from official repos. SSSD caused problems > because ipa-client-install made a 'default' domain in sssd.conf and > sssd was looking for SRV records in DNS for LDAP and KDC with > '.default' suffix. There are no such records and other FreeIPA clients > are happy with that so I add those lines to sssd.conf
Yes, this is a known problem when using authconfig, which I presume ipa-client-install uses. The fix will be in SSSD 1.3 (https://fedorahosted.org/sssd/ticket/479). If you would like to continue using service discovery, you can rename the SSSD domain from default to whatever your IPA domain is. Also please note that the krb5_kdcip option is named a little misleading, it doesn't have to be an IP address, hostname is OK, too. Jakub -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkwN69YACgkQHsardTLnvCUBGgCfefHDDjBGbr+i7QegFm8uidyG K2cAoMCfANy8Z5COAXs88ZZNIkeYmeFK =Mf8q -----END PGP SIGNATURE----- _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
