[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SRV records can't point to CNAMEs

Hi Petter,

I guess your help is needed on this issue ...

On Fri, Feb 18, 2011 at 12:09:04PM +0100, Petter Reinholdtsen wrote:
> [Andreas B. Mundt]
> > Is there a problem with that I've missed? 
> 
> I might be mistaken, but I believe the sssd setup script will actually
> look up the SRV entry and store the value it points to in its config
> file.  Thus it do not help to change the SRV entry in DNS after sssd
> has been configured, as the sssd client will continue to use the old
> value.
> 
> The value is copied to ensure that the client try to talk to the same
> servers even if it move to a different network.
> 

Can you elaborate a bit on the scripts that provide this
configurations?

I had a quick look on the find_ldap_server function in 
share/perl5/Debian/Edu.pm (debian-edu-config) which is used in
debian-edu-ldapserver and fails on my workstation to provide the
correct ldap server (resulting in an almost complete failure of the
system). However, when I enter (on the workstation):

root@localhost:~# nslookup -type=srv _ldap._tcp.intern
Server:         127.0.0.1
Address:        127.0.0.1#53

_ldap._tcp.intern       service = 100 0 389 tjener.intern.

I get the correct answer: LDAP is currently provided by
tjener.intern. 

Would it be possible to modify debian-edu-ldapserver and perhaps
corresponding tools to work with the provided SRV-records?

Best regards,

     Andi
Reply to: