IPA HA cluster

When ipa-server is set up with the embedded DNS (using --setup-dns), the SRV records are added automatically in IPA.

If you use an external DNS server, you need to add records like the following to that DNS server:

_ldap._tcp.example.com.     86400 IN SRV 0 100 389 ipaserver1.example.com.
_kerberos._tcp.example.com. 86400 IN SRV 0 100 88  ipaserver1.example.com.
_kerberos._udp.example.com. 86400 IN SRV 0 100 88  ipaserver1.example.com.
_kpasswd._tcp.example.com.  86400 IN SRV 0 100 464 ipaserver1.example.com.
_kpasswd._udp.example.com.  86400 IN SRV 0 100 464 ipaserver1.example.com.

After this, clients auto-discover the IPA server that provides LDAP and Kerberos through these records.

To verify, point /etc/resolv.conf on the IPA client at the IPA server's DNS and run the commands below on the client; each service should return one SRV record per IPA server:

dig srv _ldap._tcp.dataservice.net
dig srv _kerberos._tcp.dataservice.net
dig srv _kpasswd._tcp.dataservice.net

_kerberos-master._tcp SRV 0 100 88  x000xipa000.nix.tech.altenar.net.
                      SRV 0 100 88  x000xipa001.nix.tech.altenar.net.

_kerberos-master._udp SRV 0 100 88  x000xipa000.nix.tech.altenar.net.
                      SRV 0 100 88  x000xipa001.nix.tech.altenar.net.

_kerberos._tcp        SRV 0 100 88  x000xipa000.nix.tech.altenar.net.
                      SRV 0 100 88  x000xipa001.nix.tech.altenar.net.

_kerberos._udp        SRV 0 100 88  x000xipa000.nix.tech.altenar.net.
                      SRV 0 100 88  x000xipa001.nix.tech.altenar.net.

_kpasswd._tcp         SRV 0 100 464 x000xipa000.nix.tech.altenar.net.
                      SRV 0 100 464 x000xipa001.nix.tech.altenar.net.

_kpasswd._udp         SRV 0 100 464 x000xipa000.nix.tech.altenar.net.
                      SRV 0 100 464 x000xipa001.nix.tech.altenar.net.

_ldap._tcp            SRV 0 100 389 x000xipa000.nix.tech.altenar.net.
                      SRV 0 100 389 x000xipa001.nix.tech.altenar.net.

_ntp._udp             SRV 0 100 123 x000xipa000.nix.tech.altenar.net.
                      SRV 0 100 123 x000xipa001.nix.tech.altenar.net.

You can get the list of SRV records required for your own setup by running: $ ipa dns-update-system-records --dry-run
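When the records live in an external DNS server, the usual HA failure is that a replica was added to IPA but its SRV records were never added (or were added with the wrong port), so clients silently keep talking to one server. The following is an added example, not code from this page or from the FreeIPA project: it parses SRV records in the zone-file style shown above (the dig-style lines without TTL and class are accepted too) and checks that every expected IPA server is advertised for each of the five services listed earlier. The REQUIRED table and the sample zone fragment are assumptions constructed for the example; _kerberos-master and _ntp are left out of the required set.

```python
import re
from collections import defaultdict

# Services a FreeIPA client needs for discovery, keyed by (service, protocol)
# with the port each must advertise. Assembled from the records on this page;
# it is an assumption for this example, not a FreeIPA-published list.
REQUIRED = {
    ("_ldap", "_tcp"): 389,
    ("_kerberos", "_tcp"): 88,
    ("_kerberos", "_udp"): 88,
    ("_kpasswd", "_tcp"): 464,
    ("_kpasswd", "_udp"): 464,
}

# Matches "owner [ttl] [IN] SRV priority weight port target".
# TTL and class are optional so dig-style output lines also parse.
SRV_RE = re.compile(
    r"^(?P<name>\S+)\s+(?:(?P<ttl>\d+)\s+)?(?:IN\s+)?SRV\s+"
    r"(?P<prio>\d+)\s+(?P<weight>\d+)\s+(?P<port>\d+)\s+(?P<target>\S+)$"
)


def parse_srv(zone_text):
    """Return a list of dicts for every SRV record found in zone_text.

    Comments (';' to end of line) and non-SRV lines are ignored.
    """
    records = []
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if not line:
            continue
        m = SRV_RE.match(line)
        if not m:
            continue
        # Owner name is _service._proto[.domain.]; split it into its parts.
        labels = m.group("name").rstrip(".").split(".")
        records.append({
            "service": labels[0].lower(),
            "proto": labels[1].lower(),
            "domain": ".".join(labels[2:]).lower(),
            "priority": int(m.group("prio")),
            "weight": int(m.group("weight")),
            "port": int(m.group("port")),
            # DNS names are case-insensitive; normalise for comparison.
            "target": m.group("target").lower(),
        })
    return records


def check_ha(records, expected_servers):
    """Return a list of human-readable problems (empty means all good).

    For every required (service, proto) each expected server must have an
    SRV record that advertises the expected port.
    """
    problems = []
    by_service = defaultdict(dict)
    for r in records:
        by_service[(r["service"], r["proto"])][r["target"]] = r

    for (svc, proto), port in REQUIRED.items():
        advertised = by_service.get((svc, proto), {})
        for server in expected_servers:
            rec = advertised.get(server.lower())
            if rec is None:
                problems.append(f"{svc}.{proto}: no SRV record for {server}")
            elif rec["port"] != port:
                problems.append(
                    f"{svc}.{proto}: {server} advertises port {rec['port']}, expected {port}"
                )
    return problems


# Constructed sample zone fragment for a two-server cluster. The replica
# ipaserver2 is deliberately missing its _kpasswd._udp record.
SAMPLE_ZONE = """
; constructed sample, not a real zone
_ldap._tcp.example.com.     86400 IN SRV 0 100 389 ipaserver1.example.com.
_ldap._tcp.example.com.     86400 IN SRV 0 100 389 ipaserver2.example.com.
_kerberos._tcp.example.com. 86400 IN SRV 0 100 88  ipaserver1.example.com.
_kerberos._tcp.example.com. 86400 IN SRV 0 100 88  ipaserver2.example.com.
_kerberos._udp.example.com. 86400 IN SRV 0 100 88  ipaserver1.example.com.
_kerberos._udp.example.com. 86400 IN SRV 0 100 88  ipaserver2.example.com.
_kpasswd._tcp.example.com.  86400 IN SRV 0 100 464 ipaserver1.example.com.
_kpasswd._tcp.example.com.  86400 IN SRV 0 100 464 ipaserver2.example.com.
_kpasswd._udp.example.com.  86400 IN SRV 0 100 464 ipaserver1.example.com.
"""

if __name__ == "__main__":
    recs = parse_srv(SAMPLE_ZONE)
    for problem in check_ha(recs, ["ipaserver1.example.com.", "ipaserver2.example.com."]):
        print("PROBLEM:", problem)
```

Feed it the zone fragment you are about to load into the external DNS server, with the list of IPA servers taken from ipa server-find, and it reports the replica that clients would never fail over to for a given service. Priority and weight are parsed but not judged: the page's records use priority 0 and weight 100 for both servers, which is the even-split setup; a lower priority on one server is also valid and only changes which server clients prefer.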
