[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SRV records can't point to CNAMEs

[Andreas B. Mundt]
> Hmm, I don't know how to fix this. To me it looks a bit like
> sacrificing a clear and common DNS setup in favor of a very special
> setup (for which I don't know how to get Kerberos working).  This
> tuned setup works out of the box at the University of Oslo in a
> special environment, but causes hassle and confusion probably
> everywhere else.

Note that as far as I can tell, the university of Oslo is not a
special environment, and the script is written to handle the common
way to set up Kerberos and LDAP on unix in a mixed AD/Unix network.
It allow Windows and AD clients to get their separate setup without
one leaking into the other unless it is the indended behaviour.  The
script also generate what seem to be a working setup for mit.edu, and
I would very much welcome info on other environments (DNS-domains)
where I can test it. :)

There were many considerations to take when writing the code to
dynamically set up all clients during installation based on DNS, and I
believe I ended up with the most sensible way to do it.

> Any ideas how to solve that and continue?

Well, my idea was already implemented, which was to point SRV records
to servicenames, and make sure these service names were A records in

Why not keep the A records and just remove the PTR records?  With
separate forward and reverse records, that should work fine.  After
all, the original complaint was that 'host' would resolve to
several names, not that 'host ldap' would resolve to

Happy hacking,
Petter Reinholdtsen

Reply to: