I've configured FreeIPA servers in
identity.demarcohome.com, and my
internal machines are in
int.demarcohome.com.
I added discovery SRV records to the
int.demarcohome.com:
_kerberos TXT "IDENTITY.demarcohome.COM"
_kerberos-master._tcp SRV 0 100 88
ipa1.identity.demarcohome.com.
_kerberos-master._udp SRV 0 100 88
ipa1.identity.demarcohome.com.
_kerberos._tcp SRV 0 100 88
ipa1.identity.demarcohome.com.
_kerberos._udp SRV 0 100 88
ipa1.identity.demarcohome.com.
_kpasswd._udp SRV 0 100 464
ipa1.identity.demarcohome.com.
_ldap._tcp SRV 0 100 389
ipa1.identity.demarcohome.com.
When configuring a client, a few things didn't go well:
2020-02-24T22:51:21Z DEBUG args=['/usr/bin/getent', 'passwd', '
ndemarco(a)int.demarcohome.com']
2020-02-24T22:51:21Z DEBUG Process finished, return code=2
Also some unexpected [Try 1] blocks in the error log like:
DEBUG Try RPC connection
INFO [try 1]: Forwarding 'ping' to json server '
https://ipa1.identity.demarcohome.com/ipa/session/json'
DEBUG New HTTP connection (
ipa1.identity.demarcohome.com)
My DNS is probably not set up properly yet, but I'm properly worn out for
the day on this.