Currently IPA generates all DNS SRV records (if IPA DNS is enabled) for all services and all servers.
Users want:
This was asked for by:
This is more complicated than it sounds. A lot of software assumes things are on the same host.
SSSD assumes an IPa server offers both krb and ldap, so having SRV records that offer only one but not the other woould bascailly be ignored.
Windows clients even completely ignore the port on SRV records and also assume all services available at the same tim (at least for LDAP, [GC,] Kerberos).
So this is not as simple as allowing admins to arbitrarily change specific SRV records. Before we can allow tht we need to build and test a rule-set around what can be done and what can't.
Metadata Update from @mbasti: - Issue assigned to someone - Issue set to the milestone: Ticket Backlog
Hidden replicas has implemented part of this ask.
The rest of the ask (per-service suppression of SRV records) we have not seen any further requests or discussion about it in 4 years. Perhaps we can close this WONTFIX?
Metadata Update from @ftweedal: - Issue close_status updated to: None
Login to comment on this ticket.