[Freeipa-users] automatic dns update failing

Simo Sorce simo at redhat.com
Sun Feb 19 19:47:43 UTC 2012


On Sun, 2012-02-19 at 17:23 +0100, Marco Pizzoli wrote:
> Hi,
> During my setup today I'm always failing in enrolling clients with
> automatic dns updates.
> I'm playing with FreeIPA 2.1.90, but I guess this is a general
> problem, not strictly due to the alpha version.
> 
> I'm doing an "ipa-client-install --enable-dns-updates" and at the
> console I see:
> Failed to update DNS A record. (Command '/usr/bin/nsupdate
> -g /etc/ipa/.dns_update.txt' returned non-zero exit status 2)
> 
> I see in server logs that named refuses it:
> Feb 19 17:05:25 freeipa01 named[2089]: client 192.168.20.112#38558:
> update 'internet.unix.mydomain.it/IN' denied
> Feb 19 17:05:25 freeipa01 named[2089]: client 192.168.20.112#40809:
> update 'internet.unix.mydomain.it/IN' denied
> 
> What is the cause? What other information do you need about my
> deployment?

Did you install freeipa with the --setup-dns option?
And does your client use the freeipa dns server in that case?

If either answer is no, it is normal to see the update fail as a
non-freeipa dns server wouldn't be able to accept the update (unless you
manually configured the external server to handle GSS-TSIG updates).

If both answers are yes then we may need to activate debug logging in
named, as it is supposed to work.

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York
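
Added example, not part of the original thread or of FreeIPA: a small parser that pulls refused dynamic updates out of a named log and groups them by client and zone, so it is clear which server saw the nsupdate attempt and for which zone. The first two sample lines are the ones quoted in the message above (re-joined onto single lines); the third is constructed, and the optional `@0x...`, `/key` and `view` parts of the pattern are assumptions about other BIND log layouts.

```python
import re
from collections import Counter

# Sample input: two log lines from the thread, plus one constructed
# non-matching line to show that unrelated entries are ignored.
SAMPLE_LOG = """\
Feb 19 17:05:25 freeipa01 named[2089]: client 192.168.20.112#38558: update 'internet.unix.mydomain.it/IN' denied
Feb 19 17:05:25 freeipa01 named[2089]: client 192.168.20.112#40809: update 'internet.unix.mydomain.it/IN' denied
Feb 19 17:05:26 freeipa01 named[2089]: client 192.168.20.112#40810: query: host.example.test IN A +
"""

# Matches "client <ip>#<port>: update '<zone>/<class>' denied".
# Optional pieces (assumed, not seen on the page): a client object
# pointer, a TSIG key name, a query name in parentheses, a view name.
DENIED = re.compile(
    r"named\[\d+\]: client (?:@0x[0-9a-fA-F]+ )?"
    r"(?P<ip>[0-9a-fA-F.:]+)#(?P<port>\d+)"
    r"(?:/key (?P<key>\S+))?(?: \([^)]*\))?: "
    r"(?:view \S+: )?"
    r"update '(?P<zone>[^'/]+)/(?P<cls>\w+)' denied"
)


def denied_updates(log_text):
    """Count refused dynamic updates per (client IP, zone)."""
    hits = Counter()
    for line in log_text.splitlines():
        m = DENIED.search(line)
        if m:
            hits[(m.group("ip"), m.group("zone"))] += 1
    return hits


def report(log_text):
    """Return one summary line per client/zone pair, sorted."""
    return [
        f"{ip} -> {zone}: {count} update(s) denied"
        for (ip, zone), count in sorted(denied_updates(log_text).items())
    ]


if __name__ == "__main__":
    for entry in report(SAMPLE_LOG):
        print(entry)
```

If the client's attempts never show up in the IPA server's log at all, the update went to a different DNS server, which is the first case described in the reply.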



