Thank you @Jochen for the detailed answer. This however doesn't answer my
question. When you run your playbook on the FreeIPA server/replica, do you get
Kerberos authentication? Can you log into the Cockpit UI and the FreeIPA UI
without a password prompt?
I want to authenticate to Cockpit with Kerberos. Some of the servers however
have other services running on the HTTP service in FreeIPA. FreeIPA is also an
example. What is the proper way that I can have Kerberos authentication on
cockpit running on freeipa master and replica servers? I know tha
So I've narrowed the problem down. Installing pure FreeIPA is working just
fine. My problems start arising after I add DNS proxy to Katello:
https://docs.theforeman.org/3.5/Installing_Server/index-katello.html#configuring-external-idm-dns_foreman.
I have 4 ipa servers 1 master 3 replicas, each r
Here is the named.service log:
Mar 31 13:29:52 mserver001p.test.domain.com systemd[1]: Starting Berkeley
Internet Name Domain (DNS)...
░░ Subject: A start job for unit named.service has begun execution
░░ Defined-By: systemd
░░ Support: https://access.redhat.com/support
░░
░░ A start job for unit
It's getting weirder and weirder ... really speechless
[lessfoobar@rserver003p ~]$ ssh rserver003p.test.domain.com
Web console: https://rserver003p.test.domain.com:9090/ or
https://192.168.0.24:9090/
Last login: Thu Mar 30 21:48:04 2023 from 192.168.66.66
[lessfoobar@rserver003p ~]$ host mserver
Hi, thanks for checking my thread out,
> This is listing records for zone 'int.domain.com'.
This is my mistake while changing the domain for the post. I've missed this
part. You can safely ignore
> Do you have reverse records (PTR) in place? What are the records for zone
> '0.168.192.in-addr.arp
rcrit suggested to add those records also:
ipa dnszone-find
Zone name: 168.192.in-addr.arpa.
Active zone: True
Authoritative nameserver: mserver001p.test.domain.com.
Administrator e-mail address: hostmaster.test.domain.com.
SOA serial: 1680032832
SOA refresh: 3600
SOA retry: 900
SO
So for the last week I've been having trouble with my DNS. It is not working as
expected and is giving me all sorts of headaches. I have 4 IPA servers and 4
clients. This is a test env for evaluation purposes and I want to move to
production later on. My problem however is DNS. I'm on RHEL 9.1 and my fre