Hi, Sorry.....
but Im getting hammered by my management for instant answers.......they asked last night and expect an answer this morning.....and I'm expected to catch up and deploy several important solutions/projects all hinging on IPA ASAP....... 2.2 isnt in RHEL6.3 though? Anyway I will leave it longer, but Qs seem to drop off the list pretty quickly....... regards Steven Jones Technical Specialist - Linux RHCE Victoria University, Wellington, NZ 0064 4 463 6272 ________________________________________ From: Rob Crittenden [[email protected]] Sent: Thursday, 21 June 2012 8:31 a.m. To: Steven Jones Cc: [email protected] Subject: Re: [Freeipa-users] Do clients have to be in teh same DNS zone / FQDN as the IPA servers / Kerberos Realm? Steven Jones wrote: > I assume with no reply, now one knows? That's not really fair, it hasn't even been 24 hours. > My IPA servers are say ipa1 and 2.ipa.example.com > > I have existing linux servers that I would rather not change the FQDN on, say > server1.example.com Do I actually have to make the client > server1.ipa.example.com or can I leave it as is at server1.example.com? Would > that give any IPA problems? or is it just poor practice? Yes, you should be able to enroll server1.example.com into the ipa.example.com realm. You'll need a v2.2+ client for this to work. A patch was added (contributed by a user, actually) that will add a domain mapping to krb5.conf so this should work. rob _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
