I also didn't answer about DHCP... DHCP and DNS shouldn't have to care about each other, unless IP addresses are likely to change; if they are, you will need a method of updating the DNS records. FreeIPA lets the client update their own records; Windows prefers to deal with it on the server. So, the "Best Practice" is *probably* to let Windows play DHCP server.
That's probably what I will do next. Currently, I'm using the DHCP server in my firewall, which is less-than-ideal for a number of reasons, not the least of which is: Because Windows machines belong to the win.example.com|10.42.2.0 network, and Linux machines belong to the lin.example.com|10.42.1.0 network, all of the leases need static reservations (As an aside, I don't put ALL machines in the domains... Things like phones and Raspberry Pis are considered "Untrusted," get addresses out of the 10.42.0.0 IP pool, and don't have domain names at all...). Which sucks for onloading a new machine: I have to add the DHCP reservations to the firewall, then add the client to the domain... In two separate interfaces. I suppose if it were all in Windows Server, then it's at least all in the same place...

On Tue, Jun 19, 2018, 13:35 Galen Seitz <gal...@seitzassoc.com> wrote:

> On 06/19/2018 12:33 PM, Tyrell Jentink wrote:
> > The second is FreeIPA, lives at 10.42.1.10 and it serves the lin.example.com
> > subdomain and the 1.42.10.arpa reverse domain. It has a conditional
> > forwarder to forward requests under win.example.com to 10.42.2.10
>
> Some questions for you:
>
> What is the FQDN of your ipa server?
>
> Are you using DHCP for client machines? If so, where is it hosted and
> how does it interact with your DNS server?
>
> thanks,
> galen
> --
> Galen Seitz
> gal...@seitzassoc.com
> _______________________________________________
> PLUG mailing list
> PLUG@pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug