此内容没有您所选择的语言版本。
17.2. Using IdM and DNS Service Discovery with an Existing DNS Configuration
To help create and configure a suitable DNS setup, the IdM installation script creates a sample zone file. During the installation, IdM displays a message similar to the following:
Sample zone file for bind has been created in /tmp/sample.zone.F_uMf4.db
If a DNS server is already configured in the network, then the configuration in the IdM-generated file can be added to the existing DNS zone file. This allows IdM clients to find . For example, this DNS zone configuration is created for an IdM server with the KDC and DNS servers all on the same machine in the EXAMPLE.COM realm:
Example 17.1. Default IdM DNS File
; ldap servers _ldap._tcp IN SRV 0 100 389 ipaserver.example.com. ;kerberos realm _kerberos IN TXT EXAMPLE.COM ; kerberos servers _kerberos._tcp IN SRV 0 100 88 ipaserver.example.com. _kerberos._udp IN SRV 0 100 88 ipaserver.example.com. _kerberos-master._tcp IN SRV 0 100 88 ipaserver.example.com. _kerberos-master._udp IN SRV 0 100 88 ipaserver.example.com. _kpasswd._tcp IN SRV 0 100 464 ipaserver.example.com. _kpasswd._udp IN SRV 0 100 464 ipaserver.example.com.
Note
If DNS services are hosted by a server outside the IdM domain, then an administrator can add the lines in Example 17.1, “Default IdM DNS File” to the existing DNS zone file. This allows IdM clients and servers to continue to use DNS service discovery to find the LDAP and Kerberos servers (meaning, the IdM servers) that are required for them to participate in the IdM domain.
