Windows servers do not look for the simple service records like _ldap._tcp, but search for _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs and _ldap._tcp.dc._msdcs.
The ipa-adtrust-install utility should create corresponding entries if the IPA server is a DNS server as well and give a hint about creating them manually if an external DNS server is used.
Not only should ipa-adtrust-install create those records, but code also needs to be added to ipa-replica-manage to manage those records when replicas are added/removed.
The patch is currently on review, moving to next milestone.
master: d24dda2
A wrong version of the patch was pushed. This has been reverted:
master: ac45a5e
The rebased correct patch version:
master: 2ac9d48
Metadata Update from @sbose: - Issue assigned to sbose - Issue set to the milestone: FreeIPA 3.0 Trust Effort - 2011/11