Use DNS to find the IPA server address

fedora-infra / fasjson

GNU General Public License v3.0

8 stars 15 forks source link

Use DNS to find the IPA server address #651

Closed abompard closed 4 months ago

abompard commented 5 months ago

Expected Behavior

FASJSON should use DNS to find the IPA server address.

Actual Behavior

It's currently reading /etc/ipa/default.conf, but that points to only one server.

abompard commented 5 months ago

You can get a list of LDAP servers with:

$ host -t srv  _ldap._tcp.fedoraproject.org
_ldap._tcp.fedoraproject.org has SRV record 0 100 389 ipa01.iad2.fedoraproject.org.
_ldap._tcp.fedoraproject.org has SRV record 0 100 389 ipa03.iad2.fedoraproject.org.
_ldap._tcp.fedoraproject.org has SRV record 0 100 389 ipa02.iad2.fedoraproject.org.

abompard commented 4 months ago

Looks like we're already using DNS discovery in FASJSON to detect the LDAP server, see fasjson.web.extensions.flask_ipacfg.IPAConfig._detect_ldap.