Bug 910546

Summary: Explain how autodiscovery works in ipa-client-install man pages
Product: Red Hat Enterprise Linux 7 Reporter: Namita Soman <nsoman>
Component: ipaAssignee: Rob Crittenden <rcritten>
Status: CLOSED CURRENTRELEASE QA Contact: IDM QE LIST <seceng-idm-qe-list>
Severity: unspecified Docs Contact:
Priority: medium    
Version: 7.0CC: mkosek, spoore
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ipa-3.2.1-1.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-06-13 10:13:32 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Namita Soman 2013-02-12 19:55:18 UTC 
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/freeipa/ticket/3383

Add a section explaining how autodiscovery works. Some parameters like `--server` have side-effect (like disabling DNS autodiscovery in krb5.conf), while other do not. User should be able to find this information in the man page.
Comment 1 Rob Crittenden 2013-02-19 16:15:01 UTC 
Fixed upstream.

master: 74c11d88aeb43fe45a22e787c60f8c20c454ec56

ipa-3-1: 0d65300f69a2791be7d3a9ecb54e54093826f7a9
Comment 4 Scott Poore 2013-12-18 21:15:09 UTC 
Verified.

Version ::
ipa-client-3.3.3-5.el7.x86_64


Test Results ::

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: ipa_bugcheck_bz910546:  Explain how autodiscovery works in ipa-client-install man pages
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

ipa-client-3.3.3-5.el7.x86_64
:: [   PASS   ] :: Running 'man -P /bin/cat ipa-client-install 2>/dev/null > /tmp/tmpout.ipa_bugcheck_bz910546' (Expected 0, got 0)
:: [   PASS   ] :: File '/tmp/tmpout.ipa_bugcheck_bz910546' should contain 'DNS Autodiscovery' 


   DNS Autodiscovery
       Client  installer  by  default  tries to search for _ldap._tcp.DOMAIN DNS SRV records for all
       domains that are parent to its hostname. For example, if a  client  machine  has  a  hostname
       'client1.lab.example.com',  the  installer  will  try to retrieve an IPA server hostname from
       _ldap._tcp.lab.example.com,  _ldap._tcp.example.com  and  _ldap._tcp.com  DNS  SRV   records,
       respectively.  The  discovered  domain is then used to configure client components (e.g. SSSD
       and Kerberos 5 configuration) on the machine.

       When the client machine hostname is not in a subdomain of an IPA server, its  domain  can  be
       passed  with --domain option. In that case, both SSSD and Kerberos components have the domain
       set in the configuration files and will use it to autodiscover IPA servers.

       Client machine can also be configured without a DNS autodiscovery at all. When both  --server
       and  --domain  options  are  used,  client installer will use the specified server and domain
       directly. --server option accepts multiple server hostnames which can be  used  for  failover
       mechanism.  Without  DNS  autodiscovery,  Kerberos is configured with a fixed list of KDC and
       Admin servers. SSSD is still configured to either try to read domain's  SRV  records  or  the
       specified  fixed list of servers. When --fixed-primary option is specified, SSSD will not try
       to read DNS SRV record at all (see sssd-ipa(5) for details).
Comment 5 Ludek Smid 2014-06-13 10:13:32 UTC 
This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.