Then you have 3 options, really: - Reconfigure DNS PTRs for all servers to resolve to the same name (not sure if it is gonna work, though) - Use RH-7 & FQDN - get rid of that nasty DNS based load balancing hack and use something like pNFS.
O.
-----Original Message----- From: sssd-users-bounces@lists.fedorahosted.org [mailto:sssd-users-bounces@lists.fedorahosted.org] On Behalf Of John Beranek Sent: 20 October 2015 15:05 To: End-user discussions about the System Security Services Daemon sssd-users@lists.fedorahosted.org Subject: Re: [SSSD-users] SSSD & AD & Kerberized nfs
On 20 October 2015 at 14:53, Ondrej Valousek Ondrej.Valousek@s3group.com wrote:
Do you have the SPNs properly configured? As per the document. Thing is that if you have more servers behind a single A record, RH-6 is not going to work (details? see the document).
Yes, that's the issue. The Isilon storage system in question has 32 IPs and therefore 32 A records and 32 PTR records. I don't really want to put 32 more items in the SPN...
John