Multiple Freeipa to 1 ipa client with 2 separate interfaces
Hello All,
I want to deploy a small infra, with 2 separate FreeIPA server to access in 1 ipa client, all machine are in 1 REALM :
admin.ipa.paris.example.com
prod.ipa.paris.exemple.com
The both IP server haven't a link between.
The IPA client have 2 networks interfaces, 1 in admin network, the other in prod network. And so 2 names:
ETH0: ipaclient.admin.ipa.paris.exemple.com
ETH1 : ipaclient.prod.ipa.paris.exemple.com
Hostname : ipaclient.ipa.paris.exemple.com
Its possible to enroll this ipa client into both Freeipa server with differents name ?
About the Kerberos, why I must make to add the both server for validation access ssh ?
About the SSSD, why I must make into the conf to also for validation ?
Thanks you for you help.
|