Re: SRV records can't point to CNAMEs

Hi, On Sat, Feb 19, 2011 at 08:14:03AM +0100, Petter Reinholdtsen wrote: > [Andreas B. Mundt] > > Hmm, I don't know how to fix this. To me it looks a bit like > > sacrificing a clear and common DNS setup in favor of a very special > > setup (for which I don't know how to get Kerberos working). Th

Re: SRV records can't point to CNAMEs

[Andreas B. Mundt] > Hmm, I don't know how to fix this. To me it looks a bit like > sacrificing a clear and common DNS setup in favor of a very special > setup (for which I don't know how to get Kerberos working). This > tuned setup works out of the box at the University of Oslo in a > special env

Re: SRV records can't point to CNAMEs

Hi Petter, thanks for your reply: On Fri, Feb 18, 2011 at 07:54:42PM +0100, Petter Reinholdtsen wrote: > [Andreas B. Mundt] > > Can you elaborate a bit on the scripts that provide this > > configurations? > > See the postinst of the sssd package. > > > Would it be possible to modify debian-edu-

Re: SRV records can't point to CNAMEs

[Andreas B. Mundt] > Can you elaborate a bit on the scripts that provide this > configurations? See the postinst of the sssd package. > Would it be possible to modify debian-edu-ldapserver and perhaps > corresponding tools to work with the provided SRV-records? Sure, but it would break on sites

Re: SRV records can't point to CNAMEs

Hi Petter, I guess your help is needed on this issue ... On Fri, Feb 18, 2011 at 12:09:04PM +0100, Petter Reinholdtsen wrote: > [Andreas B. Mundt] > > Is there a problem with that I've missed? > > I might be mistaken, but I believe the sssd setup script will actually > look up the SRV entry and

Re: SRV records can't point to CNAMEs

[Andreas B. Mundt] > Is there a problem with that I've missed? I might be mistaken, but I believe the sssd setup script will actually look up the SRV entry and store the value it points to in its config file. Thus it do not help to change the SRV entry in DNS after sssd has been configured, as t

Re: SRV records can't point to CNAMEs

[Andreas B. Mundt] > That's why I changed them pointing to tjener.intern, the machine > where the service is actually running after the default > installation. Right. I misread the diff when I quickly had a look. Pointing to tjener should not be in conflict with the DNS spec. > To move services

Re: SRV records can't point to CNAMEs (Was: r73002 - in trunk/src/debian-edu-config: debian etc/bind ldap-bootstrap)

On Thu, Feb 17, 2011 at 06:03:02PM +0100, Petter Reinholdtsen wrote: > > [Andreas B. Mundt] > > Remove duplicate A-records from DNS configuration to make sure the > > reverse address mapping needed for reliably issuing a Kerberos service > > ticket works. To move services to another machine, add

SRV records can't point to CNAMEs (Was: r73002 - in trunk/src/debian-edu-config: debian etc/bind ldap-bootstrap)

[Andreas B. Mundt] > Remove duplicate A-records from DNS configuration to make sure the > reverse address mapping needed for reliably issuing a Kerberos service > ticket works. To move services to another machine, add the machine to > DNS, remove the CNAME-record(s) and modify the service record(s